* Posts by Sabahattin Gucukoglu

77 posts • joined 21 Feb 2007

Page:

Site news: Unique commenter handles coming

Sabahattin Gucukoglu

AC Ident Code

Any chance of being able to distinguish ACs using a unique serial number stamped on their cowardly foreheads? That way, at least the cowardly identity of the character behind the unique coward can be challenged by reference rather than timestamp. We can then do the usual searches against each coward, identify trends, heap them into a suspected terrorist database, etc. (You must, of course, be careful never to make connections between an AC and his non-AC person.)

Cheers,

Sabahattin

(Sebby is what people call me, if I'd known it was a handle it's what I'd've used when I first signed up.)

0
0

Google Wave - interwebs idealism in real-time

Sabahattin Gucukoglu

Wave Is A New Protocol

"But the thing to remember is that Google Wave isn't just an app. It's a protocol. Or at least it will be. The idea was to create a new communication paradigm that everyone will use."

Good luck with that one, chaps. There's a very good reason SMTP and email are where they are today: they're simple, and they're everywhere. If you think even the hold of the 'net that XMPP has is a metric for success, you've got a very long time indeed to wait until world domination is yours, and that assumes people really want it the Google way on more sites than just Google. And that's not to speculate on the kind of tow-dragging those condemning IPsec and IPv6 are capable of.

Yes indeed, Google, you've got a long fight ahead of you. Roll up them sleeves! Maybe you can do better than everybody else who complains that SMTP is 'Broken' and is 'Open to abuse', etc, but I doubt it. Well, if they can't, why should you? Perhaps Wave is wonderful. Or perhaps Google will be in denial before long. We'll see. In any case, I'll thank you kindly not to interfere with my use of Mutt for clear, speedy, concise communication.

Cheers,

Sabahattin

0
0

Amazon cloud welcomes airplanes of data

Sabahattin Gucukoglu

And Next ...

On-demand CD/DVD burning/pressing. You know, tell the web service the name of an ISO file and an address under your control to send it to in desired quantities, and bob's not your uncle. Could be great for direct-to-customer or personalised disc sale, specially if EC2 is used to autogenerate to S3 using a master and almost no bandwidth or in-house robotic fiddling.

The fine print: the above text is mine. All mine, I say. Amazon can have the idea, which I'll just nip off to the patent office to patent now, for the cost of a recordable CDR. I'm not in it for the money, you see, just the legal disestablishmentarianism.

Cheers,

Sabahattin

0
0

Amazon teaches cloud self-growth trick

Sabahattin Gucukoglu

Scale What?

I never understood what starting up more boxes could do for you. I mean, how can you benefit from having more boxes without IP and DNS-based load balancing? How can you coordinate things so your new units -- databases, web servers, etc -- are useful without doing an awful lot of messing about in the configuration of the whole? And even if you could, can you really spread database load and web server load without introducing the same DNS-based (and really quite unreliable) load balancing Amazon are finally offering here as real IP-layer solutions?

Somebody is just going to have to clue me in a bit. I just don't understand what use there is for automatic scaling. Sorry. :-)

Cheers,

Sabahattin

0
0

Curl taps Adobe RIA infrastructure

Sabahattin Gucukoglu

Curl

Nice utility. The web Swiss army knife for the command line. With a perl script and no dependencies you can use Amazon's "REST" APIs ...

Sorry.

0
0

Larry Wall on the Zen of Perl 6

Sabahattin Gucukoglu
Stop

The Magic of Perl

... is overrated. Really. I refuse to believe in a general-purpose language that makes my life as a student of that language terrible by making the mantra something like, "Believe me, I know what I'm doing, you feeble creature! It is okay and acceptable for there to be twenty different uses for every keyboard character and it is not shameful for each routine to be different according to how you use it!"

So I learned Tcl and still can't get over the beauty of it. You should, too - you'll soon understand why pragmatism isn't all there is to it, and will probably wonder why perl still exists for doing more than states/awk and sed do now but faster. Why, wasn't that why perl was invented? And don't you find Python/ruby/Tcl already doing it better? Pffft!

You should require about ten minutes to fully digest the Tcl(n) manpage. Then you should require about three minutes for each command. Then you should be able to write a general-purpose program. You will find Tcl more metamorphic than perl, as well as much more minimal and hacker-sane. In a few days you will be incredibly attractive to members of the opposite sex, as can be evidenced from the fact that I still don't have a girlfriend. :-)

Lest there be any question as to my awesome hacker potential: my MTA of choice is sendmail, and I write my very own line noise^h^h^h^h^h^h^h^h^h^hcf files.

So ner! :-P

Cheers,

Sabahattin

0
0

Nine in ten emails now spam

Sabahattin Gucukoglu

NAT Boxes Should Port 25 Block By Default

How about we get a load of NAT box makers to block port 25 by default? Saves the ISP and gives the customer choice. Just an idea I can't believe I haven't had before ... though ISPs should be taking more care. And anyway a load of WinDrone boxes are hooked straight into the net.

I need some more spam. Do you mind?

Readers, please leave this alone. Non-human harvesters only! Use this trap: erhi@yamta.org

There. Now, what will happen? When will I get my first spam?

Cheers,

Sabahattin

0
0

Any clouds in your sky?

Sabahattin Gucukoglu

Moving Personal Email

I need somewhere to put my domain's email, which is basically just me and for purely personal use. There's nothing critical - if my connection goes down (I rather doubt Google will ...) I can probably wait. I'm looking at Google Apps, which is quite exciting really. If it doesn't work, and I need my other services as well and can't compromise, I'll look into a Zen VM somewhere like the Spring Server(TM) dyndns.com now does.

I want "Cloud Computing" primarily because I think I have other things in life to do now besides worry about my aging Pentium-II Linux server. I don't want to be here when it breaks down. I'd sooner be without the anxiety which hurt the last time I had a couple of disk failures at bad times, and email is really quite important to me. It should still work whatever happens. Better to make it somebody else's problem as long as they get my money and I'm pleased, and I'll start worrying again when I'm employed or can take or want to take it back on again. And in the meantime I can do the moving ISP/house thing or whatever.

Cheers,

Sabahattin

PS: If you pay Google they guarantee you an SLA - it's £25/user/year (not counting aliases and mailing lists) (just a multi-destination alias, not a real Google group). There is a free offering. Start here:

http://www.google.com/a/

0
0

Sons of Macintosh - shaking the Apple family tree

Sabahattin Gucukoglu
Thumb Down

I Think You Should Know ...

Current MacBook and MacBook Pro no longer include overlay numeric keypad. It is the will and the way and the sin of the messiah to banish such a superficial inconsistency of symmetry (he did it because he wanted the MacBook keyboards looking just like the new wireless keyboards, apparently) into the furthest deepest darkest regions of the hereafter. Gone's the floppy and right-click in his image, and now the numlock and the numpad ... What's the world coming to?

So anyway, you can forget number-intensive tasks. Did Apple ever dig that? Some popular programs like ProTools equally struggle because of this, so watch out. Just so you know, in case you get stuck trying to use it, especially in Windows. I need a numpad for my screen readers ... There is none; you'll need an external keypad. Damnation!

I like my MacBook 13-inch PVC cover, but it's the OS I went for really. I'll not go on and on about what I find annoying, though there are some things I just can't believe even got through to market, because that's OT. But, I do think the price is worth badgering about. I'd hate the Apple Fanbois to think the hardware was somehow special, because it isn't. It works but it's not miraculous or blessed or anything like that, and you're paying a very handsome price for, well, the Apple Experience be that in software, integration, looks, whatever. As the article says though, you paid that price because you wanted those things.

Cheers,

Sabahattin

0
0

Still sending naked email? Get your protection here

Sabahattin Gucukoglu

Enable STARTTLS In Public-Facing MTAs

You should find that a number of hosts, especially M$ Exchange, are by default attempting STARTTLS against hosts they find it advertised on. So, if you run an MTA and happen to have a certificate in use likely to be trusted by M$'s highly-paying customers (I.E. the certificate issuers they've let into their OS) then go ahead and enable STARTTLS and present it. (Enabling STARTTLS without such a certificate isn't advised because you risk losing mail from such mailers - they'll try STARTTLS, fail, then bounce; other hosts may or may not yield to failed verifications, and many may include the lesser known certificate issuers like cacert.org where M$ do not.) That should facilitate transparent cross-border encryption and verification without end-user help.

Cheers,

Sabahattin

0
0

Microsoft's IE 8 puts giant web hole on notice

Sabahattin Gucukoglu
Stop

Hmm ...

Sounds like an oncoming flop to me.

If you're lumbered with IE, as alas I so often am, there's the option to turn JavaScript off for everything except links in the Security options. That should prevent the effects of JavaScript injection. Trust no-one. Who wants JavaScript when CSS is more often used for layout stuff nowadays anyway? Can't think of (m)any legitimate uses for it that aren't better served by less lazy webmasters.

Cheers,

Sabahattin

0
0

Apple skewered over missing DNS patch

Sabahattin Gucukoglu
Unhappy

Hmm...

Seems ISC aren't quite done yet with BIND. This was sent to bind-users (but not to bind-announce):

http://groups.google.com/group/comp.protocols.dns.bind/browse_thread/thread/289f1af6eb37b3d6/976c504aff5bba35#976c504aff5bba35

Cheers,

Sabahattin

0
0

Exploit code for Kaminsky DNS bug goes wild

Sabahattin Gucukoglu
Unhappy

Please!

Enough of the FUD, already. The flaw is no different to the many other hypothesised flaws against DNS implementations we've seen, with regard to the RNG; it's just that it's been exploited in a fairly clever way to achieve the same ends. It's media hipe, plain and simple. Nothing changes the fact that non-vulnerable servers are non-vulnerable precisely because their authors and users gave two short craps about the security implications of bad PRNGs. Coincidentally, I just joined bind-users to ask a question about additional section data caching and so learned of this live exploit, because I don't like what I've found about RFC 2181 ranking by default in BIND of additional section response caching. Since this actually is very slightly relevant to this security problem, in that additional section caching is necessary for the exploit to work as it stands (it can be trivially improved to work around it though), I can't wait to get to the bottom of it. In the process, I found this gem in the BIND FAQ:

Q: Is there a bugzilla (or other tool) database that mere mortals can have

(read-only) access to for bind?

A: No. The BIND 9 bug database is kept closed for a number of reasons.

These include, but are not limited to, that the database contains

proprietory information from people reporting bugs. The database has in

the past and may in future contain unfixed bugs which are capable of

bringing down most of the Internet's DNS infrastructure.

The release pages for each version contain up to date lists of bugs

that have been fixed post release. That is as close as we can get to

providing a bug database.

<Sigh.> First the Linux Kernel maintainers, and now the ISC. Seems nobody wants to be honest about security issues in their software. Of course, there's a real risk in exposing innocent people to real vulnerabilities without available patches; but if it's important to do full-disclosure, it's also important to do it properly and so using a bug database and treating security bugs like any old ordinary bug is very silly. Besides, does that make it right to do as has been done here - to pull wool over peoples' eyes? I wonder - how many of those servers would be resistant to the flaw, as compared to now, if Kaminsky and his cohorts had outed the flaw at the moment the patches became widely, generally available, as they have been, for immediate consumption? I'll put money that, even factoring in the laziest admins, the net would be safer than it is now. Panic and exploits, alas, make for an incomplacent admin. Incomplacent admins are valuable things. And detailed security announcements, complete with descriptions of affected software and the means by which the attacks are possible, make for happier ones, who very occasionally can and do apply workarounds while patches are not available.

There. I don't feel much better, but at least it's all out now.

Cheers,

Sabahattin

0
0

Vendors form alliance to fix DNS poisoning flaw

Sabahattin Gucukoglu
Unhappy

I Feel Betrayed

I like BIND, I really do. It's functional, multipurpose, adaptable and well-documented. A bit buggy, it's true, but it does what I want in the way I want in the way that no other nameserver I've tried (djbdns, MaraDNS) does. It's like Sendmail - not ellegant, but lovely for its functionality and close to administrators' hearts. But to find that after all these years they still haven't figured out a way to generate different queries with unique IDs and source ports using a genuine cryptographically-secured RNG is just bloody ridiculous. Of course, it won't stop me from using BIND. Or Sendmail. Or thttpd (which has had a couple of low-profile flaws). I guess functionality and ease of administration *do* matter, however much you care about security - and I do care, certainly enough to keep it simple whenever I can (vsftpd, Dovecot, Dillon's Cron, OpenNTPD, etc).

Cheers,

Sabahattin

0
0

Google plays musical chairs with affiliate ad networks

Sabahattin Gucukoglu

No Ads, Per Force!

I'm blind, and most ads don't include alts, hence get skipped with the touch of a key. And because I'm blind, I don't download images. And because I'm careful, I don't take no cookies from no-one unless approved first, do the same for javascript, and restrict ActiveX/Flash/etc to the trusted list. All of which means that the Internet stays mostly 1.0 for me. It's fast, too, and very peaceful, without popups I don't ask for, lots of noise from silly ads and terrible performance. I still allow bgsound and equivalent, because that's very occasionally cute. Meta refresh still accepted, too, because that's often used for more good than evil. The funny thing is that CSS is getting used more now that it's pretty much usable and the web is becoming more standards-focussed, so this setup even works in elinks! It's so nice to see new functionality actually *restore* interoperability, rather than take it away.

And The Register? Yeah, I've bought my merchandise already ...

Cheers,

Sabahattin

0
0

World economy group gives IPv6 big push

Sabahattin Gucukoglu

@ Ian Chard

Try http://ipv6.google.com/

0
0

Microsoft updates squash four critical bugs

Sabahattin Gucukoglu

XP SP3 Unaffected By Jet exploit

If you installed SP3 recently, you have this fix. The affected module was msjet40.dll v < 4.0.9505.0.

Cheers,

Sabahattin

0
0

Sun's 'Project Copy Linux' goes commercial

Sabahattin Gucukoglu
Stop

Re: More foolish from people who don't know

Mommycalled: "Solaris is SysVr4 based. Sun changed from a BSD based OS to SysVr4

around 1988, that's 20 years ago."

I wouldn't call Linux a BSD derivative (more like SysV), but it still owes a lot to BSD. Thanks for the heritage tip (I stand corrected), but my point is that Sun don't have to write everything to be famous. And that's what you think commercial companies can do exclusively. No, Sun are standing on the shoulders of giants. That doesn't mean their contributions aren't valuable or that they don't have great engineers, but many FOSS developers are very good (including those in BSD land who aimed for quality).

FTR: I use Linux on my server for various reasons (primarily, accessibility in textmode). NetBSD's hardware support still has a bit to be desired, but it works on my playboxes, both textmode and GUI, network or no. But OpenSolaris really *was* a mess the last time I looked, and I'm going to take special care not to look at it again until it runs on enough everyday desktop hardware. Like, you know, RTL8169 cards embedded on mainboards (yes, I know, but that doesn't change anything - it still didn't work). And all that aside, I have issue with Sun's oily friendliness towards the OSS world. I'll wait and see just how "Open" they mean by Open Source, and maybe then I'll reconsider. If Sun run OpenSolaris on opensolaris.org, for instance.

Mommycalled: "What's different between NetBSD kernel development team being an email away and the

Solaris Kernel development team being an email away. Bzzt NOTHING. Besides I don't

have to deal with Theo de Raadt"

Theo is OpenBSD, not NetBSD. And yes, while he does froth at the mouth a bit, his contributions can hardly be considered valueless.

There is *no* difference between the reachability of the kernel teams, silly! That was the point - one's free OSS and one's commercial OSS; both provide a complete core system and neither is a packager of outside stuff, at least not exclusively and in the sense that RedHat are. Don't you know how much NetBSD is putting into standards-conformance in their shiny new base system and tools? Don't you know that NetBSD tools are now in Apple userland? Silly, silly, silly!

"I guess releasing the Solaris

source into the wild is nothing."

The licenses have to be agreeable and Sun has to *mean* what it says. Giving bits away gradually, keeping back premium features while exploiting the community, etc, etc, are not how you show your openness. It's like MySQL - the source is certainly there, but no commitment. It's not FOSS - not really. I know that's sort of nebulous, but Sun want to undo the hurt they've done others before they can be trusted. And as long as Linux has the real market leader, you'd be silly to deny that Sun craves a piece of the spotlight. OTOH, they're certainly doing their best, especially recently. But it's not always easy to say it's been about mutual benefit.

http://www.theregister.co.uk/2007/06/13/schwartz_v_torvalds/

Cheers,

Sabahattin

0
0
Sabahattin Gucukoglu
Stop

Misc

mommycalled: you must of course be aware that SunOS/[Open]Solaris is a BSD derivative with some big-iron features in it (some specific to Sun hardware). So do stop spreading the "Sun are original inventors" tripe. Thank you. If I wanted a BSD, I'd go look for one and spare myself the mess that OpenSolaris on X86 is right now. And it'd be free, fully-supported and rock solid too (my preference is NetBSD at the moment). And I'd still end up with an OS whose kernel team was a mailing list away, and who in turn are closely connected with the rest of the core team for an integrated OS (which Sun thinks is an exclusive for a commercial vendor even though companies like RedHat have their own developers to work on QA, distribution-specific patches, etc, etc, etc).

Cheers,

Sabahattin

0
0

ISP reporting network to pierce bandwidth smokescreens

Sabahattin Gucukoglu
Linux

Show us the source!

You can't, because the tests have to be secret? (They're using a modified Linksys router running on Linux.) Oh, very well. It wouldn't do to spoil your fun, I suppose, but do make sure you release the sources / describe the tools and methodology when the tests are over. I don't want to connect completely foreign hardware doing potentially strange stuff on my network, thanks. My own hand-built Linux router is already quite capable of doing all the monitoring in the world, and also keeps my network up. Unfortunately, though, the router also provides services from/to the net directly through the DSL modem inside, so testing on my network with this trick would never work. Pity! But I await the results anyway. They could be interesting.

Cheers,

Sabahattin

0
0

McAfee 'Hacker Safe' cert sheds more cred

Sabahattin Gucukoglu

@ Alistair Wall, Re: screen readers

It does indeed. Just checked with two popular Windows screen readers. Works in elinks (textmode on *nix) too. :-(

Of course, that's only a problem if you believe this ridiculous claim. Which I don't. Although I couldn't help digging into it, just in case I, er, missed anything.

I struggle to imagine a simple way of implementing this banner without using an image and static alt/title unless script were used, or a CGI, or something equally likely to cause grief to the performance-desiring webmaster. Web counters are often images, so we often don't get to read those, either.

Cheers,

Sabahattin

0
0

Penguin goes electronic

Sabahattin Gucukoglu

Hmm. I wonder ...

Is there any hope that this will open up more reading possibilities to print-challenged individuals? We can only hope, although given the currently abhorent state of ebook DRM mechanisms out there, most of which rely on security through obscurity anyway, I'm given to be pesimistic. Still, the cost probably isn't quite such an issue if it's your only option, although I agree that selling both print and electronic versions at the same price is something of an insult.

Cheers,

Sabahattin

0
0

Comcast admits it can do the impossible

Sabahattin Gucukoglu
Unhappy

And when you've quite finished messing about ...

Do you think you could just spare the five minutes required to do outbound port 25 blocking from your customers by default? It's just, you know, that might be a really good start to cutting out wasted bandwidth, and then maybe you'd find yourself less needful of this data-damaging nonsense. And it'd help the world's spam volume, too. Go on, tech boys, you know you want to. Perhaps if you saw how obnoxious your marketing dept was, you'd see sense. This, for instance:

http://www.news.com/2102-1034_3-5218178.html?tag=st.util.print

Cheers,

Sabahattin

0
0

Russian serfs paid $3 a day to break CAPTCHAs

Sabahattin Gucukoglu
Happy

Wa wa wa ...

<rant>

Excellent. No more CAPTCHAs. No more freemail accounts, either. We all really, really miss those. Especially blind people, like me. Yeah, I really need them so I can trall painfully slow-loading, graphic and ad-filled pages. We never wanted email redefined using the Web 2.0 paradigm, and here's why: it doesn't bloody work. No-one needs webmail outside of the ISP, and no-one need have anything but an ISP account if they don't run their own domain and/or mailer. And since protocols exist to do mail without the bloody web, no-one has any excuse. Portblocking becomes less useful, as does filtering on SMTP client behaviour, though, which is less good. But SPF and co. suddenly gain usefulness and those of a selfish tone of mind may then quite effectively and correctly blast the offensive domains. ISPs suddenly need to take responsibility for their output relays as more and more freemails become blocked, assuming portblocking is employed at all (Comcast, are you listening, you self-satisfied reprobates?).

</rant>

Cheers,

Sabahattin

0
0

Unpatched RealPlayer bug paves way for drive-by downloads

Sabahattin Gucukoglu

Real Alternative

Of course, that simply includes the requisite bits of the Real Player necessary for actual playback. The ActiveX control is included, so this security hole affects Real Alternative users as well. I only use Real's codec for the BBC Listen Again feature, and then only through that pesky ActiveX control ...

Cheers,

Sabahattin

0
0

Rogue servers point users to impostor sites

Sabahattin Gucukoglu

Dangers of DNS

This article is just not helping my brains at all. How did the user get the malware in the first place such that their resolvers were subverted? Certainly, not through a nameserver - it would have to be some other way that the user was sent to get it first, from an "Address" running - what, a web server that is being referenced by other rogue DNS servers? Why on earth are bad DNS sites in any way needing to be recursive? And how many open hosts were real bad, and how many just weak and cache-corrupted for evil? And last of all, where did they get these impressive figures - scan of the entire net's nameservers for answers to the address lookups of the vast majority of known-scammed sites? Nope, I need the paper.

@Gordon Fecyk, re recursion: there's nothing wrong with recursion as such (some servers are deliberately configured to be open in spite of potential cache poisoning); like you say, you kinda need it. The rest of the world doesn't, though, so you'll have to somehow get your nameserver only to answer recursive queries from given netranges - those owned/operated by your clients. Running your own caches really is a very sensible thing to do, and is good to the net.

The reason recursion is a "Risk" has more to do with the fact that DNS is a stateless protocol running on UDP. It usually takes just one UDP packet in both directions from query source to nameserver and back to get a recursive DNS query answered (and that's in total if the server need not chase up). Apart from the obvious fact that you don't want anyone that doesn't need your resources to get the benefits of your caches' RAM/CPU when you're following the recursion every time you get asked about places you've never heard about, opening recursion to everyone means giving a potential bad person the ability to cause your nameserver to make outbound queries whose results will be cached on the attacker's demand. (He may, in fact, be able to do this already, for instance by connecting to a service that does RDNS checks or sending mail so that an MX lookup is performed as part of the antispam check, but at least he usually can't make too much out of that when his goal is taking over your web browser.) Obviously, his idea is that you take the word of authority from the attacker as response to your nameserver's question, not data from the legitimately authoritative host, and then cache it for a suitably lengthy time (the time to cache the record is in the TTL field of the record the attacker forged, rather helpfully). If your attacker is on the same physical network as your nameserver, he can simply race a response to its queries before the genuine response gets in. And he can answer on behalf of your nameserver when it is queried from outside - so he can replace your web pages and take your incoming mail. If the attacker is not on your network, weaknesses in the randomness of certain aspects of generated packets (IP source port and query ID) can be learned by experimentation of an attacker - perhaps by making your nameserver query one under his control - and the suitable response to a malicious query (one for which the attacker actually wants you to cache bad data) anticipated and forged in the genuine server's address (this is much, much harder though; the patches for BIND were fixing exactly this kind of weakness - namely, by copying better code from BIND 8 into BIND 9).

In summary: best not allow recursion when not necessary. It really makes sense. For local attackers, it's just asking for trouble - not that they haven't got other, much more result-giving alternatives to try (ARP spoof ...) in case that doesn't work. But if your nameserver is isolated somewhere near a border, attackers are still possibly able to do bad things - fill up your RAM and maybe poison you.

I know it was barely English, but I hope that helped!

Cheers,

Sabahattin

0
0

Gatwick reduced to anarchy by 'computer glitch'

Sabahattin Gucukoglu
Alert

And now for the obligatory question ...

Which OS, damn it?

My vote's Windows, which to this day is impossible to configure to store UTC in the RTC. The driver goes through a stupid procedure to try and gestimate UTC on startup from RTC local time and TZ setup, which is of course bloody stupid. Having said that my Windows box went back without a hitch.

Cheers,

Sabahattin

0
0

Microsoft will not appeal EU monopoly fine

Sabahattin Gucukoglu
Gates Horns

Re: Oh FFS !

SImon, the problem here is that the specifications themselves are royalty on claim of patents. That's the equivalent to, I don't know, charging you for the use of an RFC because it has some sort of company secret in it, but giving everyone who receives any code you write to implement that RFC safety and security and the permission to redistribute your code. I either have to use your code or pseudo-reverse-engineer it in order to derive the original specification, all because Microsoft weren't gracious enough to just do the right thing and give this away under terms suitable for use only by OSS developers (on which, as you say, there is in any case too much emphasis). I really don't see this as anything more than squeezing the last drop of cash out of the situation. Having said that I'll probably donate to the hat that supports the development of an open library for utilising these specifications for other projects' uses.

So yeah, while I'm happy with a bit of patent protection, the victory has more of a precedent rather than practical value, and I think we should watch out. For starters, the patents covered aren't even known!

Cheers,

Sabahattin

0
0
Sabahattin Gucukoglu
Unhappy

<Sigh>

No, nothing's new, is it? I'd really hoped, just then, that Microsoft did the right thing. But the docs aren't freely available because Microsoft has unstated patent applications covering it. Which means that anyone with a grain of honour in his soul will not trouble to implement this in OSS. Except those who have the money and who, like as not, are already in bed with M$. So reverse-engineering is still inevitable despite the availability of fully-specified interfaces you've got to sign your blood on and swear never to reveal to others.

Thanks a lot, EC! You've done very well for us all. :-(

Cheers,

Sabahattin

0
0

California court tilts towards mandating web accessibility

Sabahattin Gucukoglu

@ C, Re: Cases/Precedent

Petitions and lobbying aren't binding, no; so it's not surprising that it's often not effective at all. I'm sorry, but you must see this from the plaintiff's point of view - website providing potential independence for blind person for large retailer not accessible for what appears to be a reasonable amount of work in state providing for accommodation across the board. If the blind chap had his reasons for using that retailer, and there's no easy way to justify why the changes can't be made at non-impacting cost, then the case still has merit.

I did leave out whether the site really constitutes reasonable accommodation, and it's not something I can easily answer to, although the judge's remarks about using the site as a vector for planned shopping has some sense to it in my opinion as a frequent blind online shopper. I take your point, though, about potential abuses here. It is, as I say, somewhat inglorious a use of the legislation. It will be necessary to ensure that people are not financially impacted providing that a reasonable subset of disabilities are catered to for all visitors; something I think is more than possible with current W3C WAI and other guidelines and tools. But if I want to lobby someone, it's my local MP, and over here in Blighty we're pretty hard on the DDA requirements and penalties and, besides, pretty good to our less-capable citizens. Unless you're government - then you're excuse for having dreadful website design is that you don't care.

"It's great that some random blind guy can now use Target's website. That is *totally*

worth screwing over a nation of webmasters, subjecting Mom and Pop online shops to

fines higher than their family income, and attorney fees for battling it out in Federal

court with an AG from a state they have never dealt with."

Your comment was complete without this. I've addressed all of it, with one exception: yes, it is great that some random blind guy can use target.com. If you maintain that any side-effects of getting accessibility as far and wide as possible are implicitly deleterious, then we've got no hope whatsoever of making the web a reasonably fair medium for everyone, as it should be. The problem, of course, is that this is by far the biggest defense against legislation of this or any other sort that mandates reasonable accessibility, whether or not the legislation was suited to the task or not. And the current US legislation (like s508) is already getting quite good lip service as it is by less devoted organisations who take the absolutely most minimal approach possible to comply.

Cheers,

Sabahattin

0
0
Sabahattin Gucukoglu

Cor Blimey, Guvners

There's a load of stuff here I can't possibly respond to all of (though I would if I had time), but here's to some of the most promising oratory. Oh, and yes, I'm totally blind. Totally duff, do you hear? From birth, and it's congenital and sex-linked and the outcome isn't guaranteed to be fortunate provided I ever have a boy. It might not be blindness, that is.

I feel for everyone. We may not all have the same capabilities, but as humans we owe each other respect and ought to have the courage to conscientiously do as best we can to help others, rather than make impulsive decisions based on our hasty judgements. No matter how you feel for someone with a disability, it is almost certainly not nearly the pain and frustration they themselves feel in pressing situations. Trust me - I've had it from both sides. In that sense we are all equal, although I personally feel my disability to be quite the most trifling of many other more impairing. And although I agree there are those spoiled and immature enough to take advantage of their minority status (not helped by the way our state calculates its rewards for disabilities), there are many others who won't and don't deserve treatment as though they did.

Chris C:

"Don't get me wrong, I sympathize with disabled people, I really do. But why is it

that everything needs to be created for the lowest common denominator (no offense

intended)?"

First-rate sympathy, that. Go on like this and you'll get the Nightingale award for sure. Rest of your screed discarded off-hand as being basically flawed in light of obvious thinking, the cost of the net, the availability of standards, etc, as nobly pointed out by others. The "It's not my fault if you're duff" argument is not how to make people realise that others out there really do need help - yes, you will too, if you become disabled (to think otherwise is very ignorant of the issues at hand) and I hope for your sake that your chosen supreme being didn't hear you and you don't. I wouldn't wish it on anyone.

In response to Fran Taylor: Firefox works with Window-Eyes and JAWS. IE works with JAWS, Window-Eyes and Hal (the "Big three" screen readers). See also NVDA, an Open Source screen reader for Doze: http://www.nvda-project.org/ . Supports some DHTML elements in Mozzy's DOM. Hot stuff, that.

On Linux: in textmode, brltty (my favourite, braille terminal driver) works just fine with practically any current textmode browser/mail/newsreader (I use elinks), with the bonus that most mail/news/browsers have been modified to work in mainstream sources with the AT tools (cursor tracking, etc). Oh, the beauty of Open Source! Also, YASR (external) and Speakup (in-kernel) screen readers. Mozzy is less perfectly supported under Gnome with Orca, as is OpenOffice. But they're getting there. Orca, otherwise, runs superbly with Gnome, and work is underway to get the KDE ATSPI/ATK bridge worked up to allow Gnome AT to run with KDE interface. Includes support for terminal and the speech dispatcher supports software TTS. Ubuntu, furthermore, is live with accessibility - see here: https://help.ubuntu.com/community/Accessibility

OSX: Tiger is accompanied by Voiceover, which works alright with Safari, though not superbly. Leopard will apparently have a better screen reader in it with some revolutionary features, and has the bonus of having some genuine blind-person's feedback (first release was a bit, y'know, experimental).

And, what the hell, something on a slightly related note: AGRIP, http://www.agrip.org.uk/

(See? We don't all just sit around here on our arses whining! No, we sit around here on our arses playing deathmatches! :-) )

Yes, the W3C's validation tools encourage you to check for the WAI elements. Use them! Oh, and keep a couple of testers of varying kinds on hand. It shouldn't be hard, of course, because you developed your site perfectly the first time round ... didn't you? No, there are no excuses. Sorry. The tools, the specs, the knowledge - they're all free. Testers accumulate every which place, like on mailing lists. Ask around. Don't use crappy elements for no reason, like heavy javascript and mindless flashy Flash in core functionality. All that's left for you to source is a bit of commitment. There's no reason at all you can't make your site enjoyable to everyone.

Ole Juul: totally agree with you here; graphical elements are taking precedence when they should not. Give everyone a command-line shell, like in the good old days! Bring back gopher and FTP and Archie! :-) Seriously though, do give thought to the lonely man with the 80x25 terminal, or the poor sod without any net access at all but only a proprietary mail interface in a tight spot, for he is smarter than you are. :-) I think the web was a nice use to put those frail new desktop GUIs to back then, but it's gone way too far. The web isn't just about document retrieval anymore, and the platform-neutrality that was taken for granted back then has gone. Perhaps the "Semantic web" will change this in future, but somehow I don't see it happening - people are obsessed with HTTP and HTML and XHTML and all that stuff and use it for things it just isn't bloody well designed for. But I digress.

Cases and precedent: I hate to say it, but making a fuss does have the useful effect of causing people to take note and draws attention to the issues, even if it is a little bit inglorious. Many successful lobbyings have taken quite significant effort of amassment by blind individuals, and there've been quite a few petitions and such just to make the point, mostly for insensitive corporate monoliths (there were ones recently for Google and Hotmail). Where the money is, the sense isn't. On that footing, a court case is a welcome change. By contrast, the little guys are often quite ready to put the devs on the frontlines to make their portals/whatever accessible. (Elreg, BTW, is great.) Obviously many institutions are legally required (banks/telecoms/etc) by DDA, but even so there's been quite a lot of recommendation for those that cater especially well. Anyway, I think the positive aspects of this case significantly outway any ill-will directed at prosecution for giving any appearance of arrogance.

Right, think that's it.

Cheers,

Sabahattin

0
0

Currency launched to cover the cosmos

Sabahattin Gucukoglu
Coat

How Many QUIDS ...

to the Zorkmid?

And as someone else points out, quids are just fine representing the Limeyian pound, thanks so much. And Red dwarf, in any case, sees the currency of space as the dollarpound, reflecting a distinctly allied west. I suppose we can be grateful these clumsy coins aren't exchangeable for Turkish Lira, in any event. (Situation has drastically improved in Turkey both due to strong adoption of the Euro [gugh] and to the New Turkish Lira which is essentially just a million times stronger than an approximate equivalence in "Old" Lira.)

@Ian: coins aren't a problem to a blind person provided they're actually distinguishable in some way. Size is a usable measure but not preferable. Texture is nicer. British currency is very good there. In the US there is still a lot of rather ineffectual fuss being made over the fact that different denominations of note aren't distinguishable without using a mark reader, but even there there's a chance the unit won't get it right. Over here (UK), you can do it just measuring notes against the finger, with practice, or use a small measuring gauge, because the change in widths across the notes is quite distinctive enough.

Cheers,

Sabahattin

0
0

Message storm turns DHS email list into social networking utility

Sabahattin Gucukoglu

Re: That's a real beginner's mistake...

Couldn't possibly agree more. To add insult to injury, most mailing-list managers have some sort of graphical administration tool (be it by web or by GUI). A few clicks, surely, is all it would've taken to put it right. Although it should've been right from the start.

Re aliases: it's damned tempting, for sure, to use aliases rather than intermediate mailing-list managers. Most MTAs even make this easy (for instance sendmail using owner-list and list to control returned mail and membership). The real advantage is speed; the MTA can optimise bulk deliveries. The disadvantage is practically everything else - filtering of any kind, moderation, MIME part stripping, bounce handling (although you could still have a custom robot for that purpose, it would be harder to use). Most obviously it means user management of subscriptions is nontrivial. Depending on mailing-list manager, speed may be impaired (those using VERP, for instance, where envelope sender is varied uniquely per recipient so that bounce handling becomes straightforward). Others do it right, though - they accept the message, then call the MTA to send en-mass after doing filtering.

Ah well, guess sysadmins don't come cheap over there.

Cheers,

Sabahattin

0
0

Open source development goes Mac-tastic

Sabahattin Gucukoglu

POSIX

Apple are borrowing quite a bit from NetBSD for the top-level tools in Darwin (I.E., the bottom half of OSX). NetBSD is decidedly excellent in the POSIX conformance thing, so I suspect Apple have made a few more shameless grabs...

Cheers,

Sabahattin

0
0

Microsoft shouts 'Long Live XP'

Sabahattin Gucukoglu

Vista

People who observe RAM usage: this is normal and it's due to M$'s new and improved memory manager. (Improved is, of course, an entirely subjective term, and this opinion is that of Microsoft.)

You can summarise Vista thusly: XP with new flash to make you feel good about buying it but for no other reason, and some (though not nearly as many as their should be) low-level improvements. If you turn the flash off, you're left with XP that has some features it should/could've had five years ago, or perhaps even 2000 should've had. You notice how every future version of Windows now has GUI elements for configuring new features added in the last? At last, Vista allows you tune (reasonably) the TCP/IP stack. Likewise, XP let you configure the time service added in 2000. Linux, on the other hand, is all low-level and no GUI (okay, yeah, but let's be fair to the great unwashed here). Linux has had stuff Vista is only just developing ages ago, with all that wonderful reliability to boot (accellerated networking, better threads/scheduling, IPv6, etc).

You can't downgrade without an existing license to XP - you have to install XP with a key you already own and then activate over the phone. Laborious and just the thing to guarantee you don't bother.

As for hardware prices going down because of Vista - well, that's just great! More for Linux, and to be used wisely!

Cheers,

Sabahattin

0
0

Adopt this dog or we'll kill it

Sabahattin Gucukoglu

Don't go mad ...

All they want you to realise is that animals have to die because the overpopulation hasn't got anywhere to go but into the loving hands of shelters. This simply means that if you want a cat or a dog, find your perfect companion at a shelter! You don't need to worsen the situation by paying money for a young pedigree/near-generation breed of animal and you can still be happy.

This just makes me glad to continue recommending animal homes to future pet owners. So far I don't think I've ever heard anyone let down. My stray cat certainly couldn't be a healthier and more lovable animal to keep. One would think the expenditure of keeping these animals would enough to convince people to consider taking an admittedly small portion - the cost of the animal - out of it!

Cheers,

Sabahattin

0
0

Adobe gifts internal file permissions to unwashed masses

Sabahattin Gucukoglu

Couple of things ...

I think you mean "Traversal", not "Transversal". It's a directory traversal attack, because you're using relative paths (EG ../../../etc/passwd) to traverse the filesystem while avoiding most of the common checks done by software to see that they're not being abused (EG paths don't begin with a '/' in order to detect if a filename is given). Even when checks are in place to attempt the resolution of pathnames, they're not always sufficient - see, for instance, the Microsoft Unicode double-escape directory traversal attack in IIS.

The other issue is considerably more serious, though: what in the name of sodding bloody buggering hell is the webserver doing with access to a key file that ought to be root-owned and that the server ought to have read into memory before dropping the hell away from superuser privileges and certainly before even thinking about accepting queries over the network?

Cheers,

Sabahattin

0
0

Allot intros big bandwidth shaper

Sabahattin Gucukoglu

Mark My Words

It's going to go wrong. Terribly, terribly wrong. Giving ISPs more of a leverage than they already have to squeeze the life out of small businesses and competitors ... it's a mistake. If an ISP/whatever can buy and actively use such technology and feel good about it, there's something wrong with its management. There has to be, because they would do better to advocate improving their networks and the networks of those around them for everyone's benefit and to support the use of standards to ease the problems of end-to-end QoS (I know, like a lot of the net, there will be those who abuse that too, but we have to think of the people for whom the net is built and they make up most of it, so we just improve implementations to support a more secure design and thereby putting the issue in the hands of the people). On the other hand, the technology companies are making a handsome profit from what they know is a lucrative market and a controvertial issue while happily skirting around the touchy issues involved (don't you just love the bit about tracking individual users?).

Tip: ISPs that treat their customers like third-rate citizens *do not* get my vote. If I find you traffic shaping/blocking/limiting or transparent proxying without prominent notice to would-be customers (no, terms and conditions are not enough - you must publish the fact that you manage your resources using these methods and make your customers understand that you think it's a good idea for their sakes), I shall at once condemn you and your customers to my best sneer. I will also make no uncertain remarks about the issue if I get someone asking me what ISP to go for. Although I don't like it, I'm less worried about ISPs who call their service plans "Unlimited" providing there is no enforceable cap (some do, some don't). I still recommend you don't call your plan unlimited though unless you're damned sure every one of your customers - even the greedy bastards who're on and loading all the time and who don't keep much-needed information/downloads/etc offline - will not reach any cap, either policy or technical.

Cheers,

Sabahattin

0
0

EC competition commissioner slams US dissing

Sabahattin Gucukoglu

Alternative (Non-US) Root Nameservers

http://www.orsn.org/

Based in Europe, principally; the only US server is being run by, of all people, Paul Vixie. Great service, sensible policy: track ICANN unless they go bad, in which case stop tracking ICANN. Yours for the princely sum of exactly zero of your chosen currency. :-) To get going, download the root hints and set up as a hint zone for "." in your nameserver, or you can patch/configure your nameserver software to get that effect. I've got djbdns and bind nameservers to use it just fine.

Cheers,

Sabahattin

0
0

Adobe captures ebook standard. What now?

Sabahattin Gucukoglu

Speech Synthesis

Adobe reader has support for the use of SAPI for synthesised text output, provided the book/PDF exposes the textual data and grants the right (say, could that be what Adobe means by "Permission to read aloud"?). For publishers paranoid about text copying, we - the blind users - have a little war to wage against the publishers, whilst the screen reader vendors work with Adobe to make the reader work just well enough to be usable. Oh, the joys; the unadulterated pleasures of it all.

Speech synthesis, I think, is something you get used to. I'm blind and use it all the time, and I've heard pretty much all synthetic variations from the 30s onward. Perhaps, rather than using concatenated elements, you should look into formant-based synthesis by rule? It's more unnatural (more computer-sounding), but much more agreeably consistent. The inflection is really there, carried by punctuation, and the synthesisers do their best to make things sound smoothe and responsive. ScanSoft now owns most of the best commercial synthesisers. There's a heavy license tag on them, though, for use by licensees who, in the AT market, rub a bit off on the end-victim. Then there's Fonix, whose latest generation is a mix using samples and DSP for a minimal footprint - a runtime for Linux can be had at $30. Open Source is available, quite good in cases and mostly in the by-rule category. Festival, which uses diphones and sounds not bad-ish, was once truely open; it seems to have become dubiously licensed since. But ESpeak, FreeTTS and Flite are still in evidence, and have their approvers (flite being, in essence, a fast-performing festival - until recently, anyway).

Human-sounding? Try http://www.nextup.com/ for all that's best in synthesis for use by the easily-impressed great unwashed. Go on, surprise yourselves. You'll pay for your sin with large disk space requirements.

I've read Project Gutenberg (I *love* Project Gutenberg! Check them out at gutenberg.org ) from Shakespeare through JKJ through Crompton using TTS. I think I've been most impressed by ScanSoft Elloquence's rendition of As You Like It. It's just amazing. And beautiful. Synthesisers that make you concentrate too hard on their output (I.E., those not blessed with very intelligent exception dictionaries, grammatical processing and with huge gobs of diaphone data at high-quality rates using a less-than-average blessing of emphasis rules for a big bite of CPU) are just hideous to use for anything serious. These are, I think, what you really want in a narrator for your EBook though, and what humans not needing synthesis in an assistive market think of as somehow necessary. It isn't that you don't need a better synthesiser, it's just that you're already hard-put-on to get anything more human-sounding onto your desktop computer. Surprising though how many people can listen to and learn Elloquence (rule-based) in little more than a few minutes before understanding it flawlessly, clearly and consistently. Hmm. If you can take the stereotypical robot-sounding voice, you'll soon master it and love the privileges it brings you.

Cheers,

Sabahattin

0
0

Microsoft thanks EU after losing its appeal

Sabahattin Gucukoglu

No, Come On

Microsoft could never dare to pull out of Europe. What's worse, after all - a quick slap on the wrist or three or the loss of consumer, OEM/wholesale and contracted licenses in all of Europe?

Cheers,

Sabahattin

0
0

The importance of 'whole journey' email encryption

Sabahattin Gucukoglu

The Standards Are Here

... so use them. X.509 certificates, TLS (extensions defined/used for all protocols: HTTP/SMTP/POP/IMAP), S/MIME or PGP (your choice; OE has always supported S/MIME). Simple configuration changes, group policies, etc etc. should make it possible to ensure all communications are required to be not only encrypted by sent/received by trusted hosts. Then there's PGP, of course - PGP can take lots of money from you in exchange for their serverside integrated stuff for sending between hosts, assuming intercorporate X509 relationships don't exist for use of SMTP TLS extension over the net between intercorporate hosts. Whatever, it's all there. Just think carefully and put someone who understands in charge. Oh, and do try not to leave anything too sensitive on a Windows box if you expect it to be raided and taken to bits, as the game is over for you then.

Cheers,

Sabahattin

0
0

Next generation BBC iPlayer gets MS man on board

Sabahattin Gucukoglu

Drm? Microsoft influence? Hmm ...

Nope, it cannot be. At http://www.bbcshop.com/ , one can now *buy - yep, that's right - *buy* Microsoft WMP10+, DRM-Encumbered audio/video. As opposed, you know, to buying the equivalent stuff on CD, tape, DVD, video, etc. You need certain system requirements, their download manager, WMP10 with Unique ID on ... I didn't hit the button at the checkout. I lacked the nerve. Cleared my order; paid double for a CD. I shall wait for my CD and rip it, thus getting me what I wanted (a Dr Who story, matter of fact) in the right and honourable flac at just the right quality for me - f***ing perfect.

Corruption from Microsoft? No, it must be something else. Hell, even if it'd been MP3, I'd take it. But I draw the line when the BBC employs needless M$ technology at my expense to give me my license to *my* copy of *my* favourite audio on a string the BBC can give a little tug and revoke my right to listen to. Sick. Will the fanboys please smell the f***ing coffee?

Cheers,

Sabahattin

0
0

PC superstore unhinged by Linux

Sabahattin Gucukoglu

Dodgy Practices

I had a custom-speced Mesh laptop, a real powerhouse and paperweight combined. When it's display got a bit too loose for comfort, I sent it in (under warranty, of course) with a prepackaged mobile AMD that I asked for them to install. Sure enough, they called me up to give me a long list of what wasn't wrong with it in frighteningly graphic detail (I don't think the guy was a tech but he'd obviously been reading a script because it almost sounded like complete nonsense, although I'm not in hardware and don't know nearly enough about the internals of these boards in these things but I did do as much research with the motherboard's documentation as possible and it didn't fit - among other things he'd given me the wrong spec for the RAM) and he told me that I could either pay £600 for the repair, £120 for a return delivery including the dismantled machine or just let them bung it on the heap for destruction. At the time it was my fastest machine, so I was a bit torn. I gave it a bit of thought, called back an hour later convinced (after talking to a few more knowledgeable friends of mine, some of whom had seen the monstrosity in question) that I was clearly being ripped off, and told the attractive-sounding lady to kindly tell her manager to stuff my laptop where monkeys shove bad nuts. I will, of course, never by from Mesh again. I know they're quite well-renowned for their quite-alright desktops, but they've already brewed their hatred in me for them and for all companies like them and for all the employees who care more for their pockets than customer satisfaction. A pity, because the smaller shops and one-man ventures never seem to get the publicity they deserve for doing just that, and not finding any excuse to quit on the job for pay at any opportunity. I think PC World is the worst example of that nowadays, although ironically my best machine, my server of Vintage Linux class C98 era, is working to this day in fine form. I also know Mesh have been investigated for this practice, so I'm clearly not wrong about it. Between times, I have in my area seen compitent guys just doing their thing and doing it well for me and at good rates, and now my desktops get the occasional service they need from people I can trust. And now, apart from the crappy quality of today's hard disks, I'm happy with the desktops of three distinct ages sitting atop my desk connected to a KVM and giving me power beyond my wildest dreams. Well, alright, my second wildest dreams ... ;-) I still don't know who to trust in the making of laptops, though. If Dell is quality, do I have to talk to their technical support at all? I don't think I'll do custom-made again ...

Cheers,

Sabahattin

0
0
Sabahattin Gucukoglu

Dodgy Practices, Continued

Forgot to mention: yep, Linux and Windoze represented, with a spare that has partitions ready and waiting to host both. Amd64 (awaiting something again), Pentium IV, Pentium II. You've got just one guess which of these machines runs Linux exclusively. Tip: it's a server. A server made by PC World. :-)

And isn't it funny how many anonymous postings this thread has managed to accumulate? :-)

Cheers,

Sabahattin

0
0

Sony loses privacy complaint over Unfit Kids

Sabahattin Gucukoglu

Righteous Human Straws

Please kindly learn a thing or two about genetics and metabolism. It isn't all obesity due to overeating (although I agree that's a highly common cause and/or contribution). People naturally fat (and once again, there's nothing wrong with that!) can find it very, very hard to stay at safe weights. It really doesn't help when people spread the media-induced, idealised image of young, strong and - above all - fit and slim children growing up to become the bewildering stereotypical attractive personage. It's something that really got to me as a kid (but heh, they were no match for the nettles), and I'd really expect people of the readership to know better than to make such a silly assumption. Of course I think parents have a duty to watch over their kids' diets, but a more worrying question might to be to wonder how the little children got so obsessed with all those yummy sweets/chocolates/chips/crisps/etc in the first place. I know I was guilty then, but I'll never understand it now as I'm hardly ever tempted by the bad stuff nowadays and my weight is fairly constant.

Sure you'd guessed, but I'm an unlucky bastard. Born short and plump, destined to die short and plump. Do watch my weight though as best I can, do try to stay off the temptations, but short and plump is sadly in the family line on my mother's side. I have at various times achieved remarkable feats of weight loss through sporting activities that I've enjoyed, but on the whole I'm an idle idol (although I do, and more people should, take frequent breaks and move about inside or outside to relieve themselves of the tedium and give yourself a bit of exercise - I myself have a strange habbit of pacing that most people can't see is just something I must do in order to even concentrate). I'm nearly twenty-five but consider my muscles more than adequate - adequate, combined with my weight, for the useful purpose of shattering a few tiresomely stiff doors, anyway. :-) Like a lot of people, I'm still getting rid of the weight I put on at the discos at uni. I have since sworn never, ever, ever to touch alcohol ever again (yeah right).

Cheers,

Sabahattin

0
0

Firefox hits 400m download milestone

Sabahattin Gucukoglu

Re: When IE Fails...

You can't install a version of IE from the mainline on an OS that integrates IE at that same version or better. So, IE6 on 2000 is mainline and can be removed/repaired (provided you don't trash your undo info, which you can do). On XP, IE6 is integrated, so IE7 behaves much like IE6 on 2000. You can always use the downloader program to fetch the installers for IE (the iexsetup.exe takes command-line switches) but you can't use the installer on operating systems that already include that version or above of IE.

This is all explained in hideously incomprehensible detail in some M$KB somewhere that I once read a long, long time ago while trying to prefetch IE6 for 2000 for bunging on a CD.

And Firefox? Yay!

Cheers,

Sabahattin

0
0

Microsoft serves light fare on Patch Tuesday

Sabahattin Gucukoglu

Re: MS Agent patch isn't just for techies

Only if you're on 2000 because the ActiveX control is from a different development line. I think it's fair to say that 2000 users will be techies, especially now that M$ are quite effectively forcing every new hopeful Windows punter to avoid the goodness and go straight for the bloat with just enough temptation to make it worthwhile. I, like our reporter, only had the Malicious Software Removal Tool to (well, not exactly - it just runs the check and sets a regkey to prove it's done it) install on XP.

Cheers,

Sabahattin

0
0

ISPs turn blind eye to million-machine malware monster

Sabahattin Gucukoglu

Port 25

What we need is port 25 blocking by default by the ISPs as their own exception to otherwise perfect pipe provisioning, with the clear option to turn this off (quick call to customer services, could even be automated using a ringback to the customer's number taken from records). In any event, the filtering, together with ingress filtering, should be done where it's going to make the most sense, at the ISP's sprawl.

BTW: yes, I'll be the first to turn off that block as I run my own MTA and with good reason. I paid for network access, which means I get to choose how I route my email and DNS. If I want to do that myself, then so be it - for those admins who disagree, you're just encouraging another subtle form of net discrimination (read: treating your customers as shit, and second-rate shit at that).

Cheers,

Sabahattin

0
0

Feds tell (other) feds to kill net neutrality

Sabahattin Gucukoglu

Upstream QoS Works Wonders

... so why in the name of bloody buggering hell aren't more people using it? You know - send your ACKs first, prioritise HTTP/SMTP/whatever-other-noninteractive above P2P/bittorrent/other outgoing and beneath VoIP/etc? Ever heard of the DSCP, various congestion control algorithms, RSVP? I've never understood why so much standardisation work to solve precisely these problems that can be implemented on most networks simply never gets a look in, or, indeed, why Skype doesn't set the DSCP on outgoing packets for the benefit of those who'll listen so I can actually test them (even if it's technically only half the solution in that it only controls your upstream packet queue it is likely going to have a great effect on which packets come back at you and in roughly which order). You can really make your connection feel great even when it's clearly under absolute saturation. You don't need ISP cooperation and you certainly don't need to pay money for it. You can achieve wonderful results just with some tweaks on your jerry-rigged router-come-server. Go on, put a Linux/BSD box in front of your main link. Pffft. Oh, and just because I feel like a flame or two, M$ worshippers can note that QoS in Windows is, as always, outside of end-user control and that, as such, you're stuffed.

As for me: I see better potential in upgrading infrastructure than in any amount of service-side net non-neutrality. And despite what's been said here, I *do* think it's almost bound to go bad if ISPs are let even further off the hook. I guess that makes me a net neutrality fan in most peoples' eyes, but that doesn't mean I'm not in disagreement with the fact that the net needs a makeover so that it isn't bound for a slow death because of near-permanent congestion without any shaping. But we shouldn't use packet prioritisation at the upstream, we should really start by beating the spineless Ofcom into letting BT conquer the land with superfast IP infrastructure everywhere which everyone else can then happily borrow to increase the actual available bandwidth (you know, the bandwidth my ISP happily charges me £x.xx a month for theoretically perpetual use of) instead of relying on the shit that is wet string copper running backwards technology like DSL. Urgh. If you do have LLU then by all means go for it, but we have to have a change. I know I don't want some snot-nosed teenagers determining the fate of my net connection to be selectively throttled downstream just because they're the ones sharing crap and I'm not or, more likely, I'm seeding a Linux distro ISO or three. So I don't care for non-neutrality; I'd much rather the net just fell over and push for improving the infrastructure if the public really needs a wakeup call while the router manufacturers resolutely fail to add basic QoS functionality (I know a few are now, in particular Linksys - now Cisco). Perhaps the iPlayer will do it? I haven't tried checking, but I'm quite sure that my average monthly consumption probably makes my bill look positively scandellous. In such a case, maybe PAYG in the meantime?

Cheers,

Sabahattin

0
0

Page:

Forums