A Man and his Penguin

I got a reply to my message, so I posted another, more subtle jab.

No replies yet on the "Mission Accomplished in Canada and Iraq" yet, but there are 9 views of it - there must be plenty of people thinking but not knowing what to say.

Someone also posted a link to a Youtube clip of Mel C doing a backflip onstage in Canada. I replied with "It’s not the first time she’s done a backflip this tour". Heh. I can’t believe I’m the only person thinking of these zingers.

In the latest Linux kernels, it is possible to mark the kernel as "tainted" from userspace, if a program does something incredibly naughty that could make the kernel unstable. When a kernel is marked as "tainted", if it crashes and you send a bug report to the Linux kernel developers, they will either not help you or they will ask "hard questions" about what you were doing.

Rightly so - the kernel devs can’t fix a problem that’s been caused by binary drivers or programs doing dumb things.

On lwn.net, there is a discussion about this, along with the revelation (to me) that Java actually has functions for letting a Java application developer directly read and write all system memory. (this is called RTSJ). The last poster in the discussion says:

It seems that Java’s absurdity would be moreeasily noticed once all computer OS vendors asked to implement RTSJ compliance also had to implement unfettered access to all physical memory. And besides, what do they need all that memory for?

My reply: If you’d ever used Java, you would have already noted that it appears to use all your physical memory

As an aside: Is this possibly why running Java applications tended to make my Mac unstable, even after they had been quit?

Today I went to a hilarious account of some people overclocking an Intel 486 using a bar freezer and some alcohol. I actually L’edOL!

With Linux, there have always been power-user distributions. The ones where the user relinquishes no control to the operating system - where the user has the say on EVERYTHING. But then the user needs to have a lot of knowledge in order to drive the operating system. Examples of these would be Arch Linux, Slackware and Gentoo.

Then there’s the user-friendly distributions. The operating system assists the user, but still never gets in the way of what the user wants to do. Or, hopefully not. Examples of these would be Mandriva, Ubuntu, PCLinuxOS etc.

But now we’re seeing a new sort of distribution emerge. These haven’t yet been named or even really identified, but they are designed for people who can barely use a computer. The operating system protects itself and the user from the user’s mistakes. Such mistakes could include moving the panels, getting rid of your own permissions, or "storing" items in the trash can. Examples of these sort of distributions would be gOS and the EeePC’s version of Xandros. Both operating systems present the user with a limit set of things that they can do, don’t talk jargon and don’t present the user with too many paradymes that could be misinterpreted.

With the number of cheap computers being made and sold with Linux now, and the fact that most people are still barely computer-literate (INCLUDING school children, which is very concerning!), I figure we’ve got a market for distributions like this third group.

I’ve decided to start my own distribution again. This time, it won’t run on PowerPC :-)  But it will be easy for the people who I work with (including one who hasn’t quite worked out "minimising", and another who thought all the data on a computer was stored inside the monitor) to use for their basic tasks, without being able to break it. It will also be easy for me, or anyone else, to remotely administer (or administer in-person). The user will still be able to add new programs, but only from an approved list.

We’re talking basic, locked-down. But the applications on Linux are often home to jargon-filled error messages that are great for an experienced user to work out the problem, but not so good for someone who is likely to get scared by them. So if I have time, I could possibly modify error message strings in the programs to be friendlier.

We’re also likely talking about automated error reports to the "administrator" of the computer - usually the friend or family member who has set up the computer for their Gran or their friend. We’re also talking about direct IM connection to the administrator, available at the touch of a button.

We’re talking about Touch Linux.

"OOo needs GREETING CARD TEMPLATES!!! Until Linux has a decent greeting card support from OOo or anything, it will be a consumer also-ran. "

Regardless of the fact that I don’t think anyone uses an OFFICE suite to create greeting cards, I somehow don’t think that the huddling Windows-using hoardes will all switch to Linux as soon as there’s a program or template specifically for creating greeting cards.

Otherwise, they’d already be using KreetingKards on KDE! http://blog.gobanquet.com/index.php/openoffice-3-has-pdf-import-native-aqua-ui-tara-reid/

I played the 2006 edition of Alien Arena a long time ago, and I really wasn’t impressed. Although it played okay on my old AMD Sempron-based computer with integrated ATI graphics, I didn’t really think much of the game and instead preferred Nexuiz (which needed a faster computer with better graphics).

Fast forward to late 2007. I heard lots of people saying that Alien Arena 2007 was very good and had a lot of personality. So I tried 2006 again and still hated it.

In the past week I’ve heard a couple of times that AA2007 includes a mode where there are vehicles, and this is one of my favourite parts of Unreal Tournament 2004 (which I play a lot on my new computer).So I leeched off someone else’s internet connection to download Alien Arena 2007.

I still expected the gameplay to be as terrible as Warsow, which suffers from badly-written bots and ineffective weapons. While at first I wasn’t blown away, I did seem to die too much considering I had the bots turned onto "Easy".

Then somehow, it all clicked for me.

Now I quite like Alien Arena 2007. The vehicles aren’t very well thought-up sadly, and it looks like all the levels are small and claustraphobic, but I’m still having some fun with the rocket launcher and chaingun.

Alien Arena 2007 does betray the underlying game engine, or perhaps follow Quake too closely. I’ve never seen the point of "armour shards" which add 1 to your armour, but they are here in AA. The client-server architecture of the game is also obvious - playing a single-player game involves clicking "Host Game", for instance (just like Warsow).

AA2007 does add a couple of things to the genre. Firstly, unlike most other games, it’s not possible to fire just one round from the chaingun. It’s a powerful weapon, but if you fire it you’re committing to fire a certain number of rounds. If you just tap the fire button, the chaingun belches out fire for about a second and a half. Therefore, having good fire discipline is the order of the day when using the chaingun.

There’s also the obligatory Capture The Flag gametype. Team Core Assault is like Unreal Tournament’s "Onslaught" gametype; except with very small maps, much fewer powernodes, and the nodes can be taken or retaken simply by stepping on them (no link gun).

I imagine Deathball mode to be like "Bombing Run", or possibly like Marathon 2’s "Kill The Man With The Ball". The AA2007 gametype "All-Out Assault" is where you get the vehicles, and there’s also a bizarre new gametype called "Cattle Prod" which I couldn’t work out. It’s something about herding cows. Very strange.

I also find it funny that the "OMG I have no ammo!" weapon is called "The Probe". So the event log would say "Player was probed by Cyborg".

In all, Alien Arena 2007 is worth the 200 megabyte download. If you tried the original version, you should check out the new one. Or, you could wait for Alien Arena 2008 which should be out quite soon. Sure, Alien Arena 2007 didn’t blow me away, and in the grand scheme of things it’s not an impressive game, but it’s enough fun. I definitely saw potential in this game and I’m sure each edition will build on this promising base.

At the time of the Apollo 11 mission to the moon, according to a scare documentary I saw recently, the whole of NASA only had as much computing power as "a modern laptop".

Whoo. Scary. Until you realise that a modern laptop can perform about 90 million instructions per second! A modern laptop would qualify as a supercomputer by the standards of ten years ago!

I’ve used a modern laptop recently. It took three and a half minutes to fully start up, and just over a minute to shut down. If it’s a supercomputer, why is it so slow?

"My DVD drive would
not release the disk, the software would not listen to me and close.
And Windows would not allow me to do anything anymore including
rebooting!

Then
all of a sudden, about three minutes into this fiasco, my DVD drive
opens!  I quickly grab the disk, close the drive, and flick the surge
protector.  I breathe a sigh of relief then start scratching my head in
amazement.

I
have a Microprocessor in my system that can easily handle over 120
million instructions per second.  If you like to get real geeky with
me, consider this.  The Intel processor I’m using is able to calculate
the SuperPI number crunching benchmark to one million digits in about
100 seconds.  It takes my Pentium 4 system less than two minutes to
figure out this benchmark, and the Pentium 4 is notoriously bad at FPU
calculations.  On a bad day, this beautiful system can do some very
serious powered thinking, and at speeds that even ten years ago NASA
didn’t have in their control rooms.

But,
the very same system can not "think” through the decision to release
the freakin’ DVD drive without locking up for three minutes?  How’s
that possible?  The answer lies not with the hardware but the Operating
System that drives the hardware."

I’ll let you read the rest of this excellent little article.

Yes, I will never be able to call Retra IT Support again without feeling awkward.

My boss often says, in relation to selling extended warranties, "If you don’t ask, you don’t get". At least I asked, otherwise there would be no chance of getting.

But of course, I feel really bad now.

If Linux is difficult for the computer illiterate to use, then Windows must be complete hell for them to use.

Two letters in the newspaper today to the resident "expert". It’s probably the first week he hasn’t been asked how to change an option in MS Word or Excel. But they made me laugh. Here are my answers.

Q. If my cable connection is on all the time, is my computer vulnerable to malicious interference from the Internet during the time my computer is booting up and before my firewall software is loaded?

A. How long does your computer take to boot up? It’s probably about a minute, maybe 90 seconds, to boot up. Of course, not everything boots up all at once; the network card in your computer is only recognised and started after a few seconds. Once it’s started, Windows loads the driver. Once Windows loads the driver, the computer sends a signal to your cable box, asking to be assigned an IP address. While it’s waiting, the computer will continue booting up other parts of the operating system. Finally, once the computer has an IP address and the address of your cable router, it will become visible to the internet.

But then, your firewall software will probably load within a few seconds of the IP address coming up. Even if an attacker knew the IP address for your cable router and was waiting for you to come online, they’d have a window of approximately 10 seconds to do something to your computer. Even assuming a worst-case scenario, that such a malicious person would be waiting around for you to come online, there’s next to no chance that they would be able to open a backdoor in 10 seconds.

And let’s face it, nobody is going to keep pinging an address for hours on end just to find a single person to attack. Why on earth would they wait for you to come online when there are already millions of internet users who don’t have any protection, or who will double-click on anything they’re told to? Do you think you’re really that important to an attacker? Even if they were pinging your cable box’s address, they would have to work out what address you had with the router. They can only do that when you’re actually online. And that’s assuming that they actually knew you were online.

Besides, your cable box probably already has a firewall built-in.

So, to put it bluntly, you’re being paranoid, and you urgently need deprogramming. Yes, there are plenty of nasty people who want to attack computers. Yes, Windows is a shithouse operating system in terms of security. But there’s no chance of your scenario happening. Unpatched, unprotected Windows computers connected directly to the internet (no Network Address Translation) get attacked within an hour. Your computer cannot be compromised in a mere 5-10 seconds. That’s just ridiculous.

Q. I have an old PC running Windows 98 which has an up-to-date anti-virus program and a free edition of the Zone Alarm firewall which no longer provides Windows 98 updates. Do you know of any free firewall program that still supports Windows 98?

A. So, we go from the ridiculously paranoid to the ridiculously computer-illiterate. Both of you need deprogramming. But you need an explanation of what a firewall is, and firstly what a firewall ISN’T.

A firewall does not "enumerate badness". It doesn’t examine what comes into your computer and think "Hmm, that’s nasty" or "Hmm, that’s okay". It doesn’t even know (or need to know) what is harmful and what isn’t; therefore it doesn’t need updated definitions of this stuff.

A firewall is a very simple program. Whenever data comes into your computer from a network, it comes through with a particular "port number"; the number identifies what sort of program will deal with the data. For instance, website requests happen on port 80, no matter what web browser you use.

A firewall merely looks at connection requests. Whenever a computer from the Internet wants to open a connection with your computer (NOT the other way around), the firewall will look at the port number, consult its settings, and correspondingly allow or deny the transmission based on port number alone. If allowed, the firewall will send the data through as though nothing had occurred. If denied, the firewall will "drop" the data so that your programs never recieve it, and will not send any data back in return.

By default, a good firewall will block all incoming connections.

It doesn’t matter if you’re a genius cracker who works for the FBI, CIA, and Russian Mafia - if you try to initiate a connection with a computer that is behind a configured firewall, you will not get anywhere. If you try to connect, the firewall will drop the connection and you will never have a way into the computer. You cannot fool it by making a malicious connection request look benign - because the firewall doesn’t care; it would drop incoming connections from both Mother Teresa AND Adolf Hitler. The firewall doesn’t know what’s good and what’s bad; it just knows what ports you have asked it to allow, and it will block all other incoming ports.

Firewall programs from 10 years ago will still work effectively today, because they still do exactly the same thing as today’s programs do. They drop all connections that are on ports that you haven’t allowed.

You need to be deprogrammed from the "I need to keep giving companies money so they can protect me" way of thinking. If you want a firewall that will block any incoming connections, then your current Zone Alarm will do the job just as well as anything else out there.

(by the way, the subject of firewalls touches a sensitive spot with me. Most Windows users say that you need a 2-way firewall - that can deny connections going out from your computer. Their reasoning is "If you get infected with something, a 2-way firewall can stop it from transmitting information back or becoming part of a botnet". This is quite dumb, and many of the people who advocate 2-way firewalls probably think that a firewall is an "enumerating badness" security measure.

Firstly, most malware traffic happens on ports that are used by non-suspicious, everyday services. Malware sends spam on port 25, which is the same port used by legitimate e-mails that you send. If your computer becomes infected with something that turns it into part of a botnet, then its communication with the rest of the botnet will happen on port 6667 - Internet Relay Chat. So a 2-way firewall will stop the malware from communicating on the ports that it doesn’t communicate on. Get it?

And the second dumb thing is that firewalls don’t enumerate badness, so a firewall would not stop malware from sending e-mails yet allow your e-mail program to send them. How does your firewall know what’s malware? How would a firewall know that the 16-digit number that’s passing through an e-mail is your credit card number? It doesn’t.

The third dumb thing is that you’re shutting the gate after the horse has bolted. If a piece of malware is running on your computer, the damage has already been done. That malware can do anything to your computer that you can, which includes disabling or reconfiguring the firewall.

The fourth dumb thing is that, whenever you install a legitimate Internet program, you need to find out what port it communicates on, and then enable that port. Some firewalls can prompt you when they come in contact with a new outgoing connection, but approximately 5 minutes after that feature is enabled, you get into the habit of clicking "Allow". And besides, Windows has so many crypically-named components, you wouldn’t have any qualms about allowing something named "aries.sys" or "Plug and Play Device Manager" to communicate, despite it being known malware.

2-way firewalls? Dumb. Just use your 1-way firewall and don’t do anything stupid, and you’ll be fine.

At the IT support office for Retra, there’s a girl called Amy. I often have to speak to her whenever the POS connection has dropped off and refuses to work when you reconnect.

She’s got a cute voice and is always super-friendly, and once I sort flirted with her while she was fixing one of these regular problems. I’ve never even seen her!

My workmates know that I have a bit of a thing for Amy. Tanja today was egging me on to ask Amy out. I don’t know what it is about Tanja, but she’s always confident that girls will like me; so I suppose that has boosted my self-esteem.

Tomorrow, or Wednesday if it’s flat-out tomorrow and Linda hangs around all day, I will ring the Retra IT support line and ask Amy out.

Just thinking about it now makes me very nervous - how am I going to feel if she says no? But then, wouldn’t it be so great to go out with her? It certainly would!

So, wish me luck!

EDIT: I don’t think enough of you were wishing me luck. See the later post for even less information.