Sunday, December 13, 2009

Building a "Media PC"

I decided to undertake a new mini-project. The goal was to eliminate our satellite television service, and thus save a decent but not huge amount of money each year.

I had taken a half-day from work because of crap weather; I figured that was a good time to try working on this back-burner project. I pieced together a system from old spare parts and installed Windows XP on it (I had a number of systems that I had removed Windows from and installed Linux, so licensing shouldn't be a problem).

We have a Vizio LCD television that had an RGB PC connector and an audio input jack...plugged in all the cables, and it actually worked fairly well as a computer with a giant monitor. I was fairly surprised at this!

Now...TV. The name that came to my mind for streaming television shows was Hulu.com. My son is absolutely in love with the cartoon Voltron now thanks to streaming Hulu to the TV.

The results weren't fantastic, but they weren't totally horrible. We have a 1 megabit download speed over DSL, which is the bottom rung of what Hulu said is needed for streaming their content. What this means in practical terms is that any sustained download...that is, anything that takes more than a minute or two...causes the Hulu stream to pause. Ouch!

Because of the way Hulu has licensed their content from studios they can't allow people to cache more than a few minutes' worth of the shows. They are using some wonderful Adobe Flash feature to prevent you from downloading the entire show for viewing all at once so it doesn't hiccup and burp in mid-viewing.

Because I have a computer, my wife has a computer, my son and daughter have a computer...if any of them are downloading updates, updating iTunes podcasts, or transferring a Pogo.com applet, the Hulu program pauses on us.

Annoying? Yes. I don't mind this inconvenience much because any shows we really liked we bought on DVD as a whole season, but for my family this could be a deal breaker.

I downloaded an alpha version of Boxee, an open source cross-platform video viewer program that apparently has a lot of features (including a free iPod/iPhone application to act as a remote!). It was so very promising...but I can't yet know if it is decent or not because it doesn't work on the media computer I cobbled together. The system has a Rage 128 Pro video card in it; okay enough to use as a basic workstation graphics card, but on launching Boxee all I got was a white screen from which I could only exit using the Windows task key, then telling Boxee to quit from task manager.

I looked around online and it seems that Boxee requires OpenGL 1.4 or higher. The Rage Pro supports, I believe, 1.3 or lower. Since it's a legacy card no longer supported that means no OpenGL updates. That leaves me with having to find a cheap video card to replace this one before I can test Boxee.

I installed iTunes on the old media system as well. I opened sharing on my personal iTunes system and enabled it on the media computer, and it played my music library without any problems and played an open source movie my son loves watching called Big Buck Bunny without any issues as well. So if I buy any TV shows, buy any movies, or download video podcasts then I should be able to see them just fine on the media computer.

I also connected an old webcam and inexpensive omnidirectional microphone to the media system and installed Skype. Our TV is now turned into a giant videophone. Pretty neat when the grandparents call in to talk to their grandson!

So where does that leave me? At the moment, I have to purchase a newer video card, and the streaming of TV programs only works "so so". Anything with iTunes, streamed from another system or on the computer itself, works well. We already have a DVD player so there's no incentive to rip my DVD's to the hard disk.

The computer itself is rather weak on the horsepower scale with a 1.7 GHz P4 and 1 gig of memory and a 40 gig hard disk, but as I mentioned the only problem I've had has been the fault of Hulu's crazy caching issues coupled with our "measly" 1 megabit download speed.

I'll have to see if Boxee improves things with cached downloads, otherwise I might only have a neat gadget for web browsing with a giant monitor. If anyone has suggestions for viewing ad-supported television content from the web I'm open to it!

Wednesday, December 9, 2009

Women in Technology

I was listening to a podcast today from IT Conversations. Sometimes the featured podcast topics really get me to thinking; this particular one was about women in open source by Kirrily Robert.

She discusses the fact that women are a minority in open source, and technology in general. What I took away from her discussion was that basically the entrenched male-dominated field of technology is inherently sexist and unwelcoming to new (female) partners in development. She draws a parallel between women entering the tech community to a man getting a manicure at a salon. They just don't feel that they fit in.

Additionally, 80-some percent of men in the field aren't even aware of sexism in their community.

That got me to thinking about how technology draws a unique kind of individual in the first place. We tend to be less than sociable. We work in a meritocracy. We are managed with many similarities in technique to those used to manage a herd of cats. People who truly belong in technology tend to be...well, not normal. I've heard it said that a large percentage of people in IT and programming tend to have much in common with those suffering from (or enjoying) Asperger traits.

I don't think it's that the technology community keeps women in particular out. I think that broadly speaking there are a number of traits that the average woman isn't comfortable with. This is a broad statement and I'm acknowledging that there are many very talented and capable female workers in IT and programming fields. You might assume I'm being sexist; it may sound it, but while I'm characterizing it as a female trait, I think there are plenty of people of both genders for whom this is true. I think that on average this is true of a greater percentage of women than men, and if that makes this sexist, then so be it.

This field tends to be a meritocracy. Part of that means you defend yourself and your ideas; whoever makes the best argument "wins". It means arguing. It means pointing out when the guy in the next cubicle is an idiot, and why you believe that. It means that things get nasty sometimes, and respect isn't handed out with a title so much as it's found crawling through the technology trenches. And many people...perhaps a disproportionate number of women compared to men...aren't comfortable in that environment.

So when Ms. Roberts is complaining that the entrenched male-dominated IT people need to make things more friendly and welcoming, I cringe. We get our standing the same way as everyone else in our field...we fought for it. We checked our thin skins at the door. Is she saying that we need to go out of our way to coddle someone who can't stand on his or her own merits of their ideas?

I think that we generally don't care if you have mammary glands or not. If you're capable of performing the job you will be fine. There are those that may be excessively rude or crude; when limits hit a point of disruption, then sure, step in and do something about it. But for the most part I think that man or woman can earn a place within a team; for people who like things like Dungeons and Dragons and science fiction, being a woman isn't a problem to accept. We may think it's novel since it's not common to have females in the IT department, but it's like finding someone with a mint-condition first edition D&D rule book or Leonard Nimoy's autograph. It's novel. Novelties wear off.

It's very possible that my views are biased. I'm male. I can't really help that. I am wired a little differently so I see the world a little differently. If you have had experiences to the contrary, please share in the comments!

Personally I disagree with Kirrily's assertions. I think the community naturally appeals to the antisocial and people with Aspergian tendencies, and part of the meritocracy involves behaviors that on average women tend to not be comfortable participating in. Any attempt to veer away from a formula where you're in your position because you deserve that position will only bring resentment. But like I said...if you have views or experiences to contribute, please share them!

Wednesday, November 18, 2009

I Hate VISTA!

There are many things that factor into user-friendliness and it absolutely floors me that something like Vista was released so many years after Apple's OS X, an operating system that has been hailed as a shining example of user friendliness. I can understand many of the shortcomings of Linux in this area...it's largely developed by geeks that like to do what they can to prevent the average user from entering the sacred halls of geekdom, and creating pain among users is a secret handshake in our meritocracy.

But when you're the dominant operating system vendor with millions of users and millions and millions of dollars in R&D, what excuse do you really have for releasing something that is actually several times more frustrating than anything a bunch of geeks have (laughingly) "designed"?

I had to work on a laptop (yes, that I previously had worked on with Vista Home Edition) that was reported as saying that it "needed to update the antivirus but need administrator to do it."

Okay, shouldn't be hard. The antivirus is one that I'm not too crazy over because it, too, has in my opinion design flaws that drive me freakin' batty as well...Central Command's Vexira. However, I take the laptop and start to work.

I ended up having the laptop brought home. I spend some time trying to get Vista to find my wireless network (usually with XP it's a simple matter of clicking the wireless icon in the tool bar and selecting from a list, but this Vista laptops wouldn't show that to me). I eventually found in the networking control panel a line in English, in tiny print, telling me I can "find a network." Fair enough.

It found my (unsecured) wireless network. Join it. Warning: EVERYONE WILL SEE WHAT YOU'RE DOING!" Then it gave a button that didn't look like a button to continue on anyway. I thought it was a label of some sort...nope, just an awkwardly labeled button in the interface. I twitched a little.

It joined my wireless network, telling me the signal strength was excellent. I then right clicked on the Vexira system tray icon and told it to update. And waited. After a few moments I noticed a blinking task bar icon; click that, it tells me that there's a system notice. Click that, and the screen does the obligatory blanking-switch-to-system-screen. Told it to update, and it belches an error with the connection.

Huh?

Told it to "return to my desktop", leading to the laptop blinking a few times.

I was disconnected from the wireless. No reason why, just not connected.

I sigh and go through all the steps to reconnect and once again bring up the update interface on the "special annoy the hell out of the user" desktop.

SAME @#% ERROR. I returned to the regular interface and check the network connection. Disconnected.

I tell the bloody thing to reconnect, and this time "remember the network" and "connect automatically".  This time the notebook connected and stayed connected.

That wasn't the end of the problems, but my gripe here is about Vista, not Vexira. I don't understand why the connection was:
A) so awkward to connect to in the first place.
B) kept disconnecting without notice.
C) had so many @#% clicks to find, establish, and re-establish.

This was on top of the issue with having to switch desktop modes a few times and having the display click and clack as it changed back and forth (resetting video modes? Redetecting the display? I don't know; from the user perspective, all I know is that it ticked me off having to repeatedly go through that annoyance).

I'm a big believer in preventing friction in a user experience. I do what I can to minimize this friction; one thing I do to make it as least annoying as possible is to secure my systems from intrusion and monitor my network usage while removing encryption from my wireless network to make it friendly to the myriad devices we use. This should have made connecting to my wireless network a simple matter of "show available networks, select, connect." So why wouldn't this @#$% notebook connect and stay connected?

Once I told it to "remember the network" and "connect automatically", it stayed connected long enough for me to get a dose of hate for Vexira. The wireless network worked without issues for my wife's Mac. My own Mac hasn't had issues. My iPod hasn't had issues. So unless something is flaky with that notebook's hardware...which hasn't been reported (although possible)...it tells me that my headaches were Vista-related.

It's almost like Vista was going out of it's way to make this three times more difficult than it needed to be! Another checkmark on why I hate Vista. Supposedly Windows 7 improves this dramatically. Me, I'm not so sure I care. There's an Apple ad that pokes fun of the "it has none of the problems Vista had...it has none of the problems XP had...it has none of the problems Windows 2000 had..." There comes a point where I just don't care anymore. When the track record goes this far down, when the experience just fails so hard and far, when I've switched to another platform altogether and found it to be a huge improvement to my ulcers...

I. Just. Don't. Care.

Pay me to try Windows 7, and I might try it. If not then I'll wait until I absolutely need to deal with a new set of headaches.

Tuesday, November 10, 2009

Tech Support With a Tinge of Irritation

I just got a call from family for another round of tech support. I always realize after the fact just how irritated I sound when I get these calls.

It's a tough situation to be in. Of course there's my much mentioned personality disorders. But I also have tech support obligations at my day job. For many years I get calls for the same issues, over and over, usually dealing with people who are unhappy to begin with because they broke or lost something on their computer or can't be bothered to read and comprehend a statement on the screen. More often than not it's something that they called about a few months ago. Same issues. Over and over. And I dutifully repeat myself. Over and over.

I've heard many times how often tech support is a burnout job. No one stays sane in that position for long. And I've been doing it a long time. Repairing. Swapping. Answering repetitive questions. Educating over and over, the user never quite comprehending.

Worse, I'm normally regarded with a feeling of disdain. The movies make this stuff look simple. Why can't I just type a few words into the keyboard and have it work? I mean, The Matrix, The Net, the latest Die Hard, Wargames...they made it all so simple. Maybe I should pull a Tron and just jump through the screen and make it work for them. It's a simple job, making them wait longer while I decipher what the hell they're talking about is just irritating them. I must be doing it on purpose.

Better yet, tell me how you're not a computer person. Or how stupid computers are. How you hate them. I love hearing how my college investment and years of work were all pointless. And I'm still obligated to help you.

Then my family and friends want help. At work, we generally know what the systems have, how they work, how the network is configured. I generally know what you're supposed to be doing to get your documents. What applications, generally, you're running. When you are calling from home you've installed games, you've altered settings, I can't see what you're seeing. I need to rely on your descriptions. I need to strain to remember what you're running. Sometimes I remember. Sometimes I can't remember what I wore yesterday.

They get frustrated. I'm already irritated. It never ends well. They get free service at the price of putting up with my terse commands and repetitive issuance of directions. I remind myself that technology doesn't dance to the stroke of keys for them the say it does for me. I feel swells of anger at them not being willing to help themselves by working on basic functions like knowing where they put the damn files they created. I feel waves of frustration at their descriptions of things I can't see but need to know in order to instinctively discern the true nature of the problem. Then I have to remind myself once again...I don't know things they specialize in, they don't know things I specialize in.

Frustrating. And I always regret sounding like the ass after the fact. Maybe someday I will find a better coping mechanism. sigh.

Antivirus Programs vs. the Malware

AV-Comparatives, a name in online antivirus testing, has released the results of their 2009 malware removal tests pitting 16 antivirus programs against each other to test their ability to clean out malware from systems.

The results? None of the tested programs rated a "very good." The link above takes you to the full results of the test complete with a thorough description of the test methodology.

Not that it's a big surprise. At least not to people that have to deal with this crap all the time.

The fact is that once a system is infected, there's no way to trust that it hasn't been modified in a way to prevent you from finding it. It could change operating system files so that utilities can't see the malware or see indications of the infection (like replacing netstat so that you can't see network activity linked to the malware). You don't know if it's hidden in the filesystem so it's invisible (see what NTFS filestreams are; oddly enough there aren't much for native tools with Windows to let you find the damn things but they are simple to access for hiding data and there are malware that can hide information using them.) You don't know if malware is downloading more in the background or working to create backdoor access to your system or if it's monitoring your keystrokes for passwords or uploading your documents to file sharing sites.

Many malware programs are made in a way to recognize attempts to detect them or remove them or know about popular antivirus programs so they work to cripple your ability to update your antivirus program or break the installation of your antivirus.

It's an arms race. The only way to be "safe" is to not get infected in the first place, since I've mentioned what they can do once in your system and the antivirus programs rely heavily on signatures for detecting malware.

But think about it.

You install antivirus with Monday's signatures.
Tuesday a malware author creates a new "virus" and releases it.
Tuesday night a honeypot used by your antivirus vendor detects the new malware.
Mid-wednesday the vendor has finished reverse engineering the malware and has created a new signature.
Wednesday afternoon the vendor has added the signature to their latest update list.
Hmm...when are you updating your signatures? Every hour? Once a day? Every night?

Even if you update every hour, that's an hour window where you were open to infection by that malware. There are hours and hours, at least, between a malware program's release and a vendor getting it, analyzing it, creating a signature, uploading that, then you downloading the "fix". On the Internet you can be infected by scanning worms and malware within minutes.

That means that for most users the topic of computers and viruses is a cat and mouse game, always playing catch-up. And that's if the user even bothers paying attention to the issue (judging from my web server logs, most don't).

Worse, it's not like you can install multiple antivirus programs and overlap protection. Nope. They will normally end up interfering with each other. You have to pick one and enjoy it. Plus they add overhead by scanning every file your system opens up as they work; there's a memory and CPU cycle cost to doing this.

And again. It's. Not. Completely. Effective.

You can minimize the risk by using "less popular" systems like Linux or OS X instead of Windows. That helps, but doesn't make you immune.

How do you stay safe?
Educate yourself about proper system maintanence.
Stay updated with your vendors bug fixes and patches.
Educate yourself about malware spreads; don't install programs from random websites, or give your information to websites that aren't encrypted and aren't reputable.
Pay attention to warnings about addons running in your web browser or programs trying to install or run.
Pay attention to your system so you can be aware of anomalies in behavior. If it's suddenly getting slower or starts acting weird those are red flags.
If you use an antivirus keep it up to date with the latest signatures.
Install specialized malware programs like Spybot Search-and-Destroy. Keep it updated.
Pay attention to security warnings.
Educate yourself on how to use Google to check into programs before you install them. A lot of sites have fake "virus detected!" popups with offers to clean it with a particular product, when the product is actually the malware.

All of these are good starts to keeping safer while using the Internet. Antivirus and anti-malware programs alone aren't 100% effective. Education is a wonderful way to help curb your personal information becoming public.

Sunday, November 8, 2009

System Administrators, Let's Hang Out

I found this question on one of my favorite tech help sites, serverfault.com. It's a wonderful wonderful resource for help (totally free!) for people who are system administrators by day and geeks by night. It's actually one of the "trilogy" of websites; there's serverfault for admins, stackoverflow.com for programmers, and superuser.com for "power users".

One of the things that seems to be underserved on the webbertubes is a good community for system administrators and geeks. The closest I've really found so far is serverfault, but really it's a help site; you have a question, you get answers from peers (that are vetted and voted up or down by peers as well). But a social site for geeks?

So someone asked where system admins go online to "hang out" and be geeky. There seem to be some good leads with that question, but still it's not flooded with answers. Weird...you'd think that the Internet would have some good sources of respite from neurotypicals online.

Part of me wonders if in general sysadmins are antisocial even in an environment as socially hostile as the Internet to the point where they can't even bother to show up at online hangouts made for them.

At any rate for now I get a good geek fix from Serverfault. If you're a programmer, check out Stackoverflow or if you're just a power user go to Superuser. If you have an interest in...just about anything else, check out the Stackexchange site, where there are sites using the Stackoverflow engine to run specialty sites for asking and getting advice on everything from parenting to World of Warcraft. Okay, maybe not tons of sites yet, and directories are being created but it is growing rapidly...check them out and let me know if you've found any gems in these sites! It would be great if I managed to give a reader something useful to work with.

Documenting Configurations

I had an incident that reminded me of an aspect to system administration that we as system administrators don't often address.

It's a "dirty thought", the thing that ends up being on our minds without usually being said. An elephant in the room, if you will.

That thought is just how much of our jobs is to protect users from themselves.

I had a user call up to say their program wasn't working. I'll call it Widgetapp. She is the only one that uses Widgetapp. It's an older program (not extremely old, but about five years in age or so), and it's used to track a vital bit of data on a couple thousand of our users for HR purposes.

Since she's the only user that uses Widgetapp she is the only one with a PC that has the application installed.

I viewed her desktop and found that the program was opening a "sample database" meant for training purposes. Oh...no problem. I use File->open to open the other database with our live data.

I couldn't find it on her PC.

Hmm...this could be bad.

Her desktop doesn't have a backup agent of any sort on it; users are instructed to save all data to their home directories and the servers are then backed up regularly (when the backup server is double checked that it is working properly, that is). I looked at what kind of file the database was and started searching her PC for similar files. Nothing.

At this point I was getting irritated; I couldn't imagine why, if I've worked with this application before (it rarely needed fixing or alterations made) and the application allows you to specify a location for the database file, I wouldn't have stuck it onto the server.

I started looking for a backup of the database on the server used for her department. I hoped that there would be a database that was at most a few weeks old.

Instead I found an oddly named folder that had an uncompressed database file. I created a new folder just above that with a more obvious name (Widgetapp_database) and copied the suspicious contents to that folder then pointed the program to that database and opened it and then had the user check the database; her most recent entries were there!

From what I could piece together my suspicion that I had pointed the program to a database on the server (where it would be backed up regularly) was indeed what I had done. At some point when the company made an upgrade to Widgetapp they moved the folder (still on the server) to another location.

The user probably had a network issue or some other problem where she ended up pointing the program to a default "training" database on her local hard disk. She had no idea that data was actually residing on a shared folder so it was up to us to know this...and we didn't.

Lessons?

A) Keep application data centralized. Programs that don't allow you to point to network shares or UNC's or IP's of application servers are crap. Centralizing the data allows you to centralize your backup management.
B) Document your applications. Document your changes. Document your configurations. Document everything.
C) Users won't have a freakin' clue what you're talking about.

Our organization doesn't do a lot of documentation. We don't have the manpower to properly handle it, and it's a situation that isn't going to change in the near future.

We expect users with specialized software needs to keep track of certain things with those applications. Again, we're extremely shorthanded in our duties and so we make an unreasonable assumption that the user will take responsibility for applications they insist they need. In the end they don't. I consider this another elephant in the room...we know we're doing wrong by it but do it anyway. What normally ends up happening is we end up spinning our wheels for a time because we're re-learning how to use the application or figuring out how something was configured instead of having an up to date reference that spells it out. Then we end up sometimes creating a new method to work around the issue or fix the problem that counters what one of our coworkers initially did. Hilarity ensues if that other coworker is the next one called in to fix the next mess.


I guess the biggest fail here is lack of documentation. We are shorthanded so we take shortcuts. This means we don't keep track of changes made to systems, we're just starting to document procedures, and no work has gone into properly making documentation available (not just available as in collected in some tome on a shelf; available means being able to actually find the information you need, and that means leveraging a wiki or issue tracking database for the troubleshooters to use for getting user and system history and tracking configuration issues).

In this case there was a happy ending. The user's database was found and the application worked once again. The user was happy. And I re-discovered how the application was set up, so I managed to solve my puzzle of the day. The next time I may not be so lucky.

Friday, November 6, 2009

A Video Game that Deletes Your Home Directory Files

Created as an art project, Lose/Lose is a Macintosh game that looks a bit like that 80's classic Space Invaders. The difference is, as is warned explicitly on the author's home page, each alien you kill will delete a file in your home directory.

The story made its way to AppleInsider.

I've already railed on users not bothering to read directions or popups and warnings. This program is clearly a joke on people who don't bother to do so.

However a second twist came up in that several antivirus firms are classifying it as malware and a trojan. They claim that other people may take the program and repackage it without the warnings of dire consquences so that people will delete their files

First, this is silly. The vast majority of malware authors out there are working to make money now. They do it by taking over the machines in order to blackmail other users (give us money or your drive is encrypted), commandeer user's computers to remote control them in order to blackmail other users (give us money or you will suffer a denial of service attack), and commandeer user's computers to remote control them in order to overwhelm anti-spam efforts (turn computers into zombies that send spam). Oh, and I'd be remiss if I didn't mention the take over the computer to record files and keystrokes so they get your login information to banks and corporate sites.

Overall, the key to malware authors getting profits from ignorant users is to not get caught on the computer. If you disable the computer, they can't get money. They can't resend spam. They lose a zombie on their network of controlled machines. So unless it's a targeted attack, repackaging something that deletes home directory files is nothing more than digital vandalism (or a serious middle finger of misplaced anger at ignorant users to teach them a lesson).

In other words, it's a waste of time for malware authors.

On the other hand antivirus authors love this crap. "It's evil!" they laugh. "It'll destroy your computer! Plus it adds another signature to our database to increase the number we can post on our site so we look better than our competitors...

They know damn well it's not a serious threat.

Ken Thompson (if you don't know the name you're obviously not a computer person...just saying...) wrote a wonderful paper called Reflections on Trusting Trust wherein he described a compiler that was altered so it added a back door to the Unix Login program. He said that people normally audit the human-written source code to programs and trust the compiler, the program used to turn that source code into machine code. His alteration added a back door to the Login program and also had the ability to recognize when it was compiling a new version of the compiler, adding that backdoor-compilation-code to the new compiler as well.

In other words, this program questions trust. In order to install a program on the Mac (or Linux or Windows now) you have to authenticate as an administrative user. "Yes, I want to do this."

The problem is that you're normally installing programs from people you never met. You didn't write it. You didn't audit it. What's to stop the new trial software you downloaded from the webbertubes from uploading your financial information in the background while you're playing? If you granted it administrative access when installing the program, absolutely nothing will stop it.

Users simply trust that there's no chance (or a very slim chance) of that happening. They trust the authority of Those That Know More About This Shit Than I Do(tm).

Classifying Lose/Lose as malware (or potential malware) is silly and a waste of time. Any jackass that is worth their programming salt would come up with a better version than some retro 80's video game to attract more users rather than spend the time reverse engineering this little game, and even if they didn't, the time invested in removing the warnings would still probably not take much more to alter the compiled program so that it won't trip the signatures in the antivirus programs.

Hell...I could email a script to someone telling them to execute it and all it does is "rm -fr /". Got a signature for that, vendors?

The fact is that uneducated and ignorant users will always be a weakness in the system. There is no bringing them up to speed because they're not interested. See the number of cars that are on the streets in the US? How many of them don't know how to change a tire? Which, arguably, is one of the simplest tasks for car owners yet a rather important thing to know when they have a flat and are on their way somewhere. Lots of people have computers, they're ubiquitous, many people have come to rely on them for various tasks in their lives...yet they sure aren't flocking to the computer section of Barnes and Noble to learn how to properly maintain their system. Most of the time I'm lucky to find a user that even runs Windows Updates on their system.

So what's the summary here?
A) Users won't read warnings.
B) Antivirus vendors will do anything to look good.
C) If I can get you to install a program on your computer, you're not secure. You're probably fine. But you're not secure.

Thursday, November 5, 2009

Why Ask "Are You Sure?"

Joel Spolsky mentioned the question of why programmers bother having applications ask for confirmation from users before performing some task. He said that it seems to serve only one purpose; to make the user feel guilty.

The reasoning as I remember was that users, not being "computer people", don't know what to do when confronted with a confirmation. They don't care to know. They trust in the programmer...the "computer techie people"...to know what's best, so they just go ahead and confirm whatever it is that pops up.

So he said that the only reason to do it was to make them feel stupid. This way they confirm whatever it was that pops up, then find out it deleted something or did something they didn't mean to do, then know that they had the confirmation warning them not to do it and they said to do it anyway.

"Oh! I'm an idiot! I should have chosen something else!"

Personally I'm not sure that users feel stupid about making a mistake. They just blame the application, programmer, or "stupid computer". Maybe some feel like idiots, but I'm thinking they're not in the majority.

I hate those stupid confirmations. Users don't read confirmations or licenses or any of the "user friendly" crap that is thrown into Windows (do any tech people use the "friendly" control panel? I immediately switched to the old style while using XP).

I prefer having a straightforward set of tools that do what I want. Clear labeling for buttons, straightforward questions and queries that leave no ambiguity about what happens when you select yes or no (OS X is famous for eliminating a lot of the ambiguity from their selection dialogs), having a simple way to navigate the interface instead of five ways to accomplish one task...those are hallmarks of good design. Any roadblock you throw up in a workflow is a bad thing; users tend to not read them anyway! Even if they did, they claim they didn't understand it. So they just trust that the programmer selected sane defaults and click right through them.

I think this is what Mark Shuttleworth calls a papercut...little things that aren't bugs, per se, but added up create a bad user experience. It's a waste of bits and annoying as hell when you just want to get something done. I truly wish that there was a way to have an operating system that possessed an interface that doesn't try whatever it can do to get in your way with inane and worthless dialog boxes.

Is there any reason to have an "are you sure?" dialog box or other cutesy abstractions to the system? Maybe for things that are blatantly destructive (About to format volume C: in 10 seconds...), but other things...I'm not so sure. Anyone have experiences or opinions to share?

Tuesday, November 3, 2009

Security ID: NewSID is Retired?!

Mark Russinovich had this interesting blog article. He retired the NewSID utility.

If you didn't know, the NewSID utility was part of the Sysinternals suite of free Windows tools and was used to change the Security ID used on Windows NT based systems. The article explains more, but basically the SID identified certain accounts on the computer (the names associated with them are a friendly format for people to read, the SID was the machine version that actually mattered, similar to the userid in Unix systems mapping 0 to Root; anyone with userid 0 was considered Root).

Mark is a guru in the Windows world; he wrote NewSID, so when he posts his explanation that basically the SID is useless and doesn't need to be changed then questioning him is like questioning the Bible. It just isn't done.

The weird part is that I've had systems at work that acted very very strange on the Active Directory domain if it had a SID that matched another machine. Use NewSID, and suddenly issues went away. Coincidence?

Hmm...

Monday, November 2, 2009

Karmic Koala Released!

Great news, Ubuntu 9.10, called Karmic Koala, has been released!

I upgraded my workstation at work and my home workstation and so far haven't had major issues.

It took about four hours over a dedicated connection to do an in-place (read: told 9.04 to upgrade to 9.10 instead of formatting and reinstalling a clean version) upgrade. Probably would have gone faster if I tried using a CD image to upgrade, but I haven't tried that. I just opened the update-manager and clicked on the button that said a new release was available; upgrade-manager handled the rest.

While it upgraded I couldn't help but think about the people that are upgrading to Windows 7. People are trying to grab release candidates, downloading pirated versions, paying hundreds of dollars for a store copy, or having to buy a new computer to get the latest version of Windows.

Usually the upgrades go fairly well, but when the upgrade goes wonky...I get especially mad, because it usually means I paid to get screwed. I paid money to lose my time in the upgrade, have hassle in trying to get things working, and basically I paid to create a headache for myself (whether the upgrade went well or not I still lose time in the process of upgrading). I also get more irritated at the idea that I paid for the operating system only to run into later headaches with the OS, but that's another topic.

Karmic, on the other hand, is Ubuntu Linux. Free. It has some irritations and quirks; it's not perfect and I would never claim it was. And I was upgrading to the latest and greatest version without paying anything but time. If something broke, I lost time. Not money. No expectation of support, and no resentment at a company charging me to get stabbed with such expectations.

My upgrade went well both times with one minor exception; one irritation with Ubuntu has been the network manager. It sucks. Never seems to work right. So the first thing I do is install Wicd, which drops in palce and replaces the network manager. My work system kept everything just fine, while my home system replaced Wicd with Network Manager again, and lost my static IP entry and thus broke my port redirection from my home router. I came home, checked out what happened, and told Synaptic to reinstall Wicd and all worked fine again.

I'm still experimenting with Karmic to see if things that quirked and broke in the previous release work in this one. Some of my compiz graphics coolness would malfunction or barf on my home system so I had to turn it off; now I've reactivated some of the goodies to see how well (or horrible) it works now. My work system used to lock up if compiz effects were left on too long. My home system just had weird application crashes. I upgraded before Halloween and so far it seems to be working better.

Canonical (the company behind Ubuntu) has integrated a new cloud-storage system so I could, if I wished, upload 2 gig of data for free to a storage area on their servers that then I could access from any other Ubuntu system or use a web browser to download documents and files to other systems. Not something I see me using, but maybe in the future something will come of it since Apple has been trying to leverage their version of cloud storage with Mobile Me and Microsoft has a trial system in place as well.

Canonical also changed the software installation system. Right now it's mostly eye candy changes, not something overly functional, and they're expecting the next release (probably next April) to include greater functional changes to the installation system so users can find and install software more easily.

Other than that, it's a lot of incremental usability and bug fixes. Nice touches, nice refinements, and best of all, I didn't have to pay for the upgrade. As soon as it was ready I clicked a button and got it.

I'm sure most Windows users I know will be upgrading soon. They usually do as soon as they need a new computer, since then it's preinstalled...

Sunday, November 1, 2009

Managing Geeks

Not a long post today. Primarily wanted to share that when it comes to managing geeks and IT people in general, they tend to self-organize under a form of meritocracy built on a foundation of respect.

Definitely a good editorial. Too bad more Pointy Haired Bosses and managers don't seem to "get" this idea.

Check the post out at this link.

Saturday, October 31, 2009

Conficker Hits the 7 Million Mark (and Computer Immune Systems)

Wow...Conficker has hit the 7 million infection mark. A year after being discovered a security firm now estimates that it has infected 7 million computers.

Most system administrators aren't too surprised at this. Anyone running a system connected to the Internet with just about any kind of server sees hits in their logs from systems that are infected with various worms, many of which are years old and patched back in the days of Windows 2000.

Conficker was a nasty but discoverable infection because in larger businesses and school there are often security measures in place to stop users from brute-forcing account passwords; this would mean that you would try to break into bob's account by using his username and guessing his password. Sit there long enough trying either random passwords (bobpassword, god, mypassword,...) or every iteration of the alphabet (a, aa, aaa,...abb, abc, abd,...) that eventually you get the password. Most corporations place a limit on the number of times you can screw up your password before the account is locked out and the user must call their IT department to reset it.

One method of spreading used by Conficker is to try random accounts and then fire away with a password brute-force attack, so then the school, business, or government agency suddenly finds most of their users locked out of their computer accounts. Of course this is a gross simplification; the Wikipedia article linked at the beginning of the post goes into detail on how this works and what variants used these methods.

So how is it that a worm, with known signatures, with known patches, with antivirus vendors and microsoft itself knowing how to remove it with its own malicious software removal tool, is still so virulent in the wild?

Several reasons are possible. One is that many of the infections are coming from pirated copies of Windows in use out there that are locked out of getting Windows Updates from Microsoft. Pirates don't tend to care about how their behavior affects other users out there, as long as they get their free fix of software to run their favorite software titles.

Another is that users are simply ignorant of keeping their systems updated. Despite the efforts to automate Windows Updates and make users pay attention to updating their systems, I still run into systems that are running old and outdated software, like the recent case where I had a system in our corporate lan configured by an outside agency that was running a "release candidate" (read: beta) of Service Pack 3, and after remedying that the PC was slammed with waiting post-SP3 updates. Home users are worse; they usually turn off their computers when not in use, so updates cannot be run overnight as they're usually automated to do (or run automated antivirus checks as many of those are defaulted to do), or dialup users turn off their connection to the Internet so updates can't be run.

Even when automated there are plenty of cases I run into where bugs and glitches with Microsoft's own updates end up breaking Windows Update, or installing update C means needing updates A and B installed first and often I've had Windows say it's done with Update A until it's rebooted...then it starts downloading update B, while the user thought he was completely up to speed with fixes.

In other words a home user needs to be diligent in keeping his system up to date and monitoring it for odd behavior. Most aren't. They expect their computer to be like a car or TV; an appliance that doesn't need any updating unless it directly affects them, such as not running the latest video game until they install a new driver. Since they're not interested in learning about how to be responsible with their computer in order to use it they write off such things as "I'm not a computer person" (which still doesn't stop them from using it).

Meanwhile these home users and ignorant corporate IT departments that don't maintain their systems are busy slamming other people on the Internet with their infected systems. It doesn't bother them that worms like Conficker are designed to take remote control of their computer for attacking other targets on the networks (such as launching a denial of service attack against a business) or stealing your personal banking information. As long as they can surf the web and read their email and play video games, they're happy.


Until computers gain some ability to use a self-protection system akin to an immune system, invisible to the user, and not requiring (or at least necessitating) online updates in order to heal, people will continue to blithely spread years-old worms and viruses. A sad state of affairs that is yet another reason I hesitate recommending any involvement in an IT-centered career at this point to new people (many of whom, I've found, also are spreading computer viruses through the same self-centered attitudes towards using their computers).

Wednesday, October 28, 2009

The Abomination that is Windows Vista

I recently had cause to work on a system that another department had ordered a few years ago with Windows Vista Home Basic on it.

It reminded me all over again of all the things I hate so passionately about Windows Vista.

I recently blogged about my trials and tribulations involving the fact that there's no default administrator account while I had to reset the password for the default administrative user on the system in question. It was irritating, but followed the trend of other operating systems; "hide the administrative user behind another layer so people who don't think before hitting Enter will have another hurdle to cross before destroying their system."

The more I worked with this computer, though, the more agitated I became. The computer wasn't really a slouch. It was a core 2 duo with a gig of RAM. Yet I booted it, it would pop up with a welcome screen. Log in. Goes black. Comes back up. Flickers back out. Comes back up. I think at a couple points in the troubleshooting I turned off the computer accidentally, thinking that it had crashed when it went black for more than ten seconds.

My first computer ran DOS and Windows 3.1 on a 486SX-25 processor and 4 meg of RAM. That system even ran a beta of Windows 95. 4 meg of RAM. The is like comparing an 86' Chevy to the starship Enterprise. And Vista was killing it.

I had to reboot it several times over the course of upgrades. The upgrade mechanism was infuriating. There was very little feedback; it would sit at the prompt that it was checking for upgrades at 0% for ten or fifteen minutes at a time. When I thought it had crashed, it suddenly jumped to 40% complete.

Other times it would come up and say I had 4 optional addons (after several rounds of updates completed). Done? Nope. I clicked "check for updates" (again) and it suddenly found another couple of updates waiting.

I was even more agitated earlier when it installed a whole group of updates...twenty or thirty...then I attempted to install Internet Explorer 8. It wouldn't. The install program would just "disappear", no warning, no nothing. I downloaded it four or five times.

I broke down and downloaded the standalone installer to another folder and ran it from there. It failed, this time leaving a link on the desktop with a potential fix. Between that and checking my trusty friend Google, I was told to check Windows Updates first. Then there was a little note saying that Vista with SP1 didn't need this, and IE8 would install fine with Service Pack 1 installed.

No...service...pack...one?

I went to Microsoft's site and downloaded a FOUR HUNDRED MEGABYTE service pack. And installed it.

Then installed IE 8.

You can rightly assume there were three or four reboots involved.

And I nearly screamed when it said there was another 200 megabytes of updates waiting for me after those were installed.

I had to attempt to install those updates about four times. Each time, some installed, others failed due to some vague error. A reboot and retry would yield a little more progress.

You can rightly assume that I was getting more and more agitated at this.

After all these updates, Windows Updates decided that there was a service pack 2 waiting for me.

If you didn't know, most service packs roll previous fixes right in. So if you install service pack 2, you already have all the fixes that came before it. That way you don't have to install service pack 1then 2. You install 2 and get all the fixes since the operating system was released up to that point.

I was incensed and furious. What kind of braindead monkey designed this update system?

All this time I was working on getting the antivirus working. In the corporation we use Vexira antivirus from Command Central. It's not my favorite.

Vista doesn't seem to love it either. I right click on the tray icon and tell it to update itself. The update console doesn't come up. Instead some "interactive service dialog" pops up. Click it, and it takes me to some kind of privileged desktop that hides the things I was actually working on so I can see the antivirus update console.

With a heavy sigh I told it to start updating. It dutifully began downloading a new version of the antivirus. The computer sat for about a minute.

And went dark.

Another "flicker out"? WTF?

I moved the mouse and the login screen pops up. It said my administrative user was "already logged in", but...huh?

I couldn't find any way to shut that off. Unless I keep moving the mouse while in that "interactive desktop", the @#% thing would drop me to the login prompt after a minute or two.

This didn't happen at the regular desktop. Couldn't find a setting to stop this from happening in power settings or desktop settings or the user account.

I would have checked the local user policies, but because of Microsoft's crappy ranking system of their operating systems they don't include the policy editor with their home edition of Vista. Same operating system as their "business" operating system, but artificially crippled by cutting out utilities that could actually help the users in need of troubleshooting...another reason I moved to Linux in the first place. If your system couldn't act as a server it's because the hardware or software couldn't handle it, not because of someone's idea of a fair market or sales policy found posted in their colon or some other artificial limitation in the software.

Supposedly Windows 7 fixes a lot of the usability snafus and glitches. I hear lots of praises for it. The problem is, I don't care. I've had enough frustrations with Windows. I've spent years finding workarounds to various glitches in Windows 2000, then XP, and now I'm expected to leap again with Windows 7.

I'll do it because eventually I'll have to. But I can't enjoy it anymore. I used to be enamored by technology; I loved jumping into the theory behind multitasking operating systems and handles and filesystems. I used to devour articles in Byte magazine that compared various operating systems and how they worked and compared to each other in architecture. I think I still have magazines in storage that had information on the great OS/2 vs. NT debates.

But today it's no longer a question that interests me. The arguments don't focus on usability or architecture so much as how much the OS can be dumbed down for users; the Vista control panel tries to communicate in plain English concepts that for tech people would be much better served with straightforward checkboxes and text boxes for values. I don't need handholding and friendly web-like links asking if I'd like to change my password, thank you.

There aren't any companies really trying to innovate in operating systems. There are three; Apple's OS X, Microsoft's Windows, and Linux. That's it.

There is a convergence in features and eye candy that suck up resources like crazy. I remember my old computer was perfectly adequate for my tasks. Today you couldn't even get a common OS distribution to boot on a system with those specs.

I've played with BeOS, AmigaOS, Linux, MacOS, OS X, DOS (MS, IBM, Novell), Windows from 3.0 to 98 (we don't speak of ME), NT from 3.1 to Vista, Netware, and several small and hobby OS's like QNX and ReactOS and others too small to name here. Today most of the projects are gone. Except, of course, for Windows, Linux, and OS X.

Vista was a reminder of what I hated about this trend. Technology is exciting today with new devices; the Kindle. The Nook. The iPod and iPhone. The web. Operating systems are so bland and commodity that they're not really even worth looking at anymore.

When operating systems frustrated me before it was because of my own limitations and lack of knowledge. I had to expand my understanding of how the system worked in order to bend it to my will. Today the frustration is being designed into the operating system. "Are you sure you want to run this?" "Do you really want this program to run?"

Or all the times I'm searching for a function that disappeared from the previous version of Windows. It's infuriating when I know what I'm looking to do and can't because I have to interpret the "natural language" version of the interface.

Or I have to click to open the C: drive, then confirm that yes I want to see this files, then click on Program Files, and again confirm that I wanted to see the contents of the folder.

At that point I really can't help but re-examine my job duties. It's one thing when I can't get something to work because I'm lacking information. Learn more about LDAP. Learn more about TCP/IP. Learn about priorities and file handles and applications to monitor I/O. Read read read. But to have an operating system act like it knows more than I do, and actively get into my way when I'm trying to configure it or set something up?

I'm tired of it.

And now Microsoft is promising, just as they did with Vista, that Windows 7 is better than anything they've released before.

Yeah, right. I'm going to go back to my corner and browse the web with my iPod.

Tuesday, October 27, 2009

Windows XP SP3 v. 3264 (Or, "The pre-release version of Remote Desktop Connection has expired...")

Here was an interesting problem today.

I was working on an "import" for a client. By import, I mean this computer technically belonged to another agency that is working within our network because of a leasing arrangement; we didn't set up the machine, but it was on our domain, authenticated to our domain servers, and ran some software we run because it's expected that we babysit the system and maintain it while on our property, but the computer itself isn't owned by us. Clear as mud?

The machine itself was somewhat decent. One of those budget E-Machines, 2.x Ghz with a gig of RAM. Decent enough for most users online chores, running Windows XP. I was annoyed at it since it won't run X on a RIP Linux CD (just keeps stuttering to the command prompt, and xsetup doesn't seem to like the video chipset).

The user ended up needing a home directory set up so they'd not be tranferring a 400 meg profile with them (who's the genius at MS that designed it so that "my documents" was part of the profile? If a home directory is defined, why not make it *automatically* point to that location instead of forcing admins to hack away at settings to redirect it? Stupid stupid stupid...)

No problem. Just open up the RDP client...start,...programs...accessories...click on the client. Voila! What the hell?

"The pre-release version of Remote Desktop Connection has expired. To download teh full version of Remote Desktop Connection, go to Windows Update or contact your system administrator."

Um...okay. Run Windows Update. Nope...no update available there.

Wait, did it say pre-release? I checked the version of Windows. It was Windows XP Pro SP3 v. 3264. I did a double take at that...what's the v. 3264?

Google. It's running a release candidate for service pack 3? Who's the chucklehead that did that? And inflicted it on a technology illiterate user? These are wedgie-deserving offences. Worse, if this draws into a problem where I'm going to go all Hulk on someone.

Google for a fix to the terminal issue. @#%...replace  a couple files under Windows' System32 directory. Didn't work. Replace two .mui files under en-us in the system32 directory. Still no joy.

Weird...

I pulled a copy of the ginormous service pack off our network share and run the setup. Goody. Takes forever, but it actually ran without complaint, and in the process fixed the RDP client. Know what else it fixed? A small flood of back hotfixes and security updates labelled for service-pack-3-no-freakin'-RC-version.

I don't know if the company behind those Walmart special E-machines installed a @#$% release candidate service pack or if their "tech person" did it, but anyone that installs a BETA of a SERVICE PACK on a user's system that is then turned out into the world to fend for themselves should be stabbed with shards from broken DVD's.

If you encounter that weirdo message about the RDP client expiring, try reinstalling SP3. The full version. Not some crippled beta.

Monday, October 26, 2009

Windows Vista and the Administrator

Well, I'm typing this on the eve of Windows 7's release and by the time you read it it will have been out for a month. Nearly.

It's being hailed as the next big thing, perhaps even big enough to erase that abomination that was Windows Vista.

I had occasion recently to have to work on a laptop running Vista Home. Most of the systems where I work are still running Windows XP for two reasons; it works (relatively) well on the cruddy hardware we have, and it is nowhere near as infuriating as Windows Vista.

My task was to clear a password for an administrative user on the laptop because the admin password had been lost.

Believe it or not, this is normally ridiculously simple. I boot with my trust RIP Linux CD, mount the hard disk, and then run chntpw to wipe the password. Reboot to Windows, log in. Done this hundreds of times with XP and have had no problems. Easy peasy.

Given that Vista is largely XP with more hassles layered on...well, okay, given that Vista is still the same basic code base as XP, it still uses the SAM portion of the registry to save password data. Shouldn't be any issue with wiping the password.

I booted, mounted the drive, checked for a /mnt/sda3/windows/system32/config/SAM file, and ran chntpw. Rebooted.

Um...where's the administrator?

Turns out...THERE ISN'T ONE! Surprise! On me!

By default the administrator account is turned off. Instead there's an administrative user account used by the system. Otherwise you have to go and enable it on Vista Home using a boot disk and command prompt. Check it out here.

So apparently I cleared a password for a user that doesn't work. @#$%

I was irritated. This was one of the few constants I have counted on in my administrative duties, having an administrator account available. Systems fall off the domain, systems have issues that necessitate a login to the local machine, now it doesn't work quite right.

I shouldn't be quite so irritated. Many Linux distros have started moving away from having the root user enabled, forcing you to instead use sudo to gain privileges. Ubuntu does it and OS X does it, both of which I use constantly.

I guess my main peeve is that those are systems I use. I know them. I generally can find my way around under the hood. When your job means having a system dumped on you with no back history available and the directive to get it working, though, this adds another layer of frustration since now I have to figure out another piece of the puzzle just to log into the damn thing.

It goes back to usability. One of the strengths of the Mac was that Apple was the most anal retentive companies about how their system appears and how your application looks and behaves. If you ask the user what word is in the upper left corner, it's going to be the active application. In Windows you have to guide the user ever so gently into figuring out which menu bar is highlighted to figure out the current window that is active. Menus may or may not follow the same order (you can imagine the calls and hair loss after Office 2007 was released with their wonderful redesigned ribbon bar for a menu...)

The ability to have a quick and easy way to log in was something I took for granted. No matter which head twitch configured the system or what knob had screwed it up, I could use administrator on the local machine to log in. No more.

I read that windows 7 continued the new tradition. Just another reason to want to cry some days in the tech pits, I suppose. It would be different if more people were knowledgeable about the tools they're misusing, but such is life.

In case you're curious, which you might not be, I did get into that system. I figured out which user from the menu was the admin user and then booted back to rip, and this time used chntpw with the -u parameter to specify the username whose password I wanted to erase. Voila. Worked.

*sigh*

Sunday, October 25, 2009

The Mac Isn't Always User Friendly

I really like using the Mac. I recommend home users look at using a Macintosh if they don't have a specific reason to use a PC. They tend to be safer and easier for people to use, and in the end, users don't care about the politics of their operating system. They just want to surf for games or porn and read email. Usually, anyway.

But just as every Batman has his movie Batsuit with nipples and every Star Wars has a Jar Jar, even the best Macintosh has it's horrible albatross. Albatrosses. Albatrossi?

I'm fighting one right now. In order to connect to the network at work from home, I have to use the accursed Cisco VPN client. I hate it. I hate it, I hate it, I hate it. I had in on once long ago and it screwed up my network configuration. I eventually tried using it again and while it seemed to work okay (after getting the correct version, since the version on the router and the version on the computer have to match within certain specifications or it just magically would fail...seems encryption standards apparently aren't standard enough to survive small revisions in version numbers) I am now getting an error about not being able to find an active network connection over which to connect, so the client wouldn't start.

I Googled (over my interface that the Cisco client insists isn't there) and found references to restarting the VPN subsystem from the command line. Okay...tried...can't find it. The logs say it doesn't know anything about that service. Oh dear...

Another reference I found online said to repair disk permissions. This seems to be the new "rebuilding the desktop" for the Mac (if you know that reference you're either a longtime Mac user or a true geek at heart). Seems that every bloody time I find an issue on the Mac the first thing suggested is to repair disk permissions.

What? I've been using Linux before X Windows was run by default at startup. That's right, I had to actually configure X and type "startx" at a command prompt. Both Linux and OS X are, under the hood, a form of UNIX (purists would no doubt get their panties in a twist at that, but tough. For my purposes here it's true enough) and they both use similar forms of permissions on files. I don't recall EVER having to run a utility to fix permissions on Linux. I don't have files randomly changing their permissions. So why is it that under OS X it seems to just decide, arbitrarily, to change permissions on random files?

There doesn't seem to be any rhyme or reason to it.

What I really wish I could do is just run SSH to create my tunnels for what I need to do. The boss said that the Cisco VPN client was superior and decreed that SSH would be cut off. "One less possible vulnerability".

The result has been, for me, far more headache. Not only do I need a special client that is available for certain clients (I think there's sort of a Linux version. Maybe. As long as I am running a certain range of libraries and dependencies that match to their client software) but that same client software seems notoriously flaky and problematic. I have yet to see why this is superior to the old way of using methods that are open standards.

Excuse me while I go rock in my corner while waiting for my "repair permissions" to complete and then hope that it works after a reboot...

Saturday, October 17, 2009

Common Sense...Where Did It Go?

Here's a question that burns me. What has happened to common sense?

Maybe this is more of a venting than anything else. The rational part of me says that people do things that seem to lack common sense because I'm not seeing the world through their eyes with their priorities. Maybe my mechanic thinks the same thing about me not seeing the importance of rotating my tires. I don't know.

But some things still just floor me.

I work in IT, as you know. I repair systems and do maintenance and half a dozen other things that are considered gruntwork done by someone off the street even though 99% of the coworkers profess they aren't "computer people" and have no idea how to do what I'm doing. Irony is a good friend of mine.

I was doing a set of updates on a coworker's system. She left the room to do something else, and I had happened to have a schedule to keep (namely wanted to take care of some things at home so I couldn't be an hour and a half late as is often the case). Plus my boss likes making me feel like dirt if I'm "wasting time" by not doing multiple repairs at the same time. So I figured I'd try it his way and let him have the "I told you so" moment.

A reboot of the laptop in question came up and said there were still more updates. This time? Service Pack 3 for XP. I didn't even realize this person hadn't reported it was out of date by this much. She'd apparently had it at home during upgrade times for so long...yikes!

So I started the update. For those who don't know, service packs are big. They're really big. Like on this laptop we're talking an hour of work. So I hit control-alt-del, locked the workstation, and went to another room to get two more tasks checkmarked off.

(Note-locking the workstation means that when the user comes back, it says they have to hit control-alt-delete and log in as the administrative user because the system is currently in use, and if you log in with administrative privileges it warns that the other user will be logged out and unsaved work will be lost).

I didn't think much of it. The user is college educated. She surely can read. I left and came back an hour later, hoping to have it at a point where I could basically button it up until the next day or so to complete other minor updates that wouldn't take anywhere near as long (hopefully).

I came back to a computer that was shut off.

She apparently came in and shut everything off. Mid upgrade.

Again, if you don't know...service packs replace a lot of SYSTEM files. As in, if it was partially working on the system and you shut it down, it could no longer boot. If she shut it off during a file operation, it could have damaged the filesystem as well. Basically she rolled the dice to find out if her computer was completely and utterly screwed up now.

She ignored the warning.

She ignored the fact that I was doing upgrades (she knew I was working on it).

She didn't put two and two together that if I had locked the system and left, I was planning on coming back.

In short, my boss didn't get his I Told You So moment and I had an extra hour of work re-applying the service pack, grateful that the computer still booted after she had cut it off mid-upgrade. I got home an hour later. As usual. And a bit more ticked with yet another reminder of why I spend so much time babysitting systems when doing upgrades instead of looking productive.

Not reading these warnings are right up there with leaving pee on the lip of the toilet seat. It's common sense. Wipe it up. The warning is right there, you knew I was working on it, don't mess with it. The analogy isn't perfect since there are times where you might not notice the pee on the seat thing...but Windows, for all its flaws, will still tell you that the user is still logged in and give you a warning about unsaved work. For the love of $Deity pay attention and think. It's too easy and common for people to just disregard anything "computerized" as being out of their league so they reflexively dismiss whatever it's doing as too complicated. I'm not asking you to give the pros and cons of cooperative vs. preemptive multitasking, just to stop and use your college educated mind to decipher a warning on the screen. Or at least take it to someone else who would know! You have no idea how many people will call the help desk and just say "The computer is giving an error thing," with no elaboration. What does the error thing say? What were you doing?

I'm not magic. I'm not in the movie world where hackers can control airliners using a magic set of commands from a secret supercomputer in the bowels of the Pentagon, and I sure as hell can't divine what your issue is with a few keystrokes and the description consisting of "it gave an error."

Please...I wish people would just take a few moments to use a little more common sense. I'm paid to fix problems with the computer that you don't want to deal with. But still, I really wish you'd give an accurate summary of the problem with what is presented to you...at a minimum, the actual error message, not a paraphrased listing of jargon that you are making up as you go along. Or read the error message for a moment and see that maybe, when it says that a particular user is logged in already, think that it's in the middle of doing something that maybe you shouldn't play with.

I'm venting and I know it. Maybe others out there have had similar experiences, only in different fields. Please share! I'd love to know that this isn't a tech-only phenomena. Or at least not feel like I'm the only one having these issues.

Friday, October 16, 2009

Filtering the Web

Here's a topic that seems to get some people up at arms but the majority...not so much.

My daughter's school, like all US schools (if they want federal funding) must use some kind of web filtering.

I'm kind of torn on that issue; I don't normally agree with censorship, but if everyone approached technology like I do then it wouldn't really matter. I don't really care about what's out there. It's like censoring math or technology. This stuff is out there. Sheltering people from being exposed to it is just pretending it isn't there. And if you didn't realize it already, life ain't like it was depicted in Leave It to Beaver.

I'm continually amazed that television was actually regulated down by the powers that be...the people who had the power to produce TV shows at the time...to the point where it was pretended that married couples didn't sleep in the same bed. Shows like I Love Lucy were considered breakthrough...she got pregnant! And they slept in the same room! I wonder if the two were related?

If you read your history you will find that life was most certainly more raunchy and baudy then ever depicted in media. Hiding this fact doesn't make it magically erase from history.

In my view, in my own little mental world, we can be responsible for what we view and do.

Just as with the real world, there are horrible and wonderful and amazing and scary things on the Internet.

That's my view. Unfortunately, I know some teenagers.

I see the Internet as a vast resource. A library. A diversion. A creative outlet. A medium on which to paint my feelings, my hopes, and find others expressing themselves as well. It's a way to find news and find new ways of thinking about things and ideas and events.

Most people see the Internet as just a toy. It's a way to get free music. It's a way to play cheap Flash games. It's a way to find boobies.

I'm not against games. I'm not against music, or boobies. But that's not all I see the Internet for. Most users that's pretty much it. It's not a tool for creativity, it's an extension of the television set with more possibilities for explosions, violence and boobs.

In other words, it's an extension of passive entertainment.

If others would truly utilize the Internet to exploit the possibility of leaving a fingerprint in our short lives perhaps things would be a little different. Instead it's just a way for people to forever send forwarded messages to each other.

While I don't support censorship and the ethical questions that come into play when you broach the subject, I do think that I've seen way too many teenagers waste time and resources...like their lives...on silly passive activities on the Internet instead of using it as a tool for creating. I think they should earn the right to look at webberboobs. I think they should pay in learning before shifting from drooling in front of the TV to drooling in front of the keyboard.

This is just the 10,000 foot overview on the subject through my glasses. What do you think?

Thursday, October 15, 2009

Been Playing on Twitter

I've been playing with my Twitter account a bit. I turned to it as an alternative to Facebook, which seems to be largely a cesspool of stupid non-authoritative "quizzes" and little games that you play and brag about how many jewels you've accumulated or how your virtual garden is doing instead of actually growing vegetables in the real world. The one thing I did enjoy doing...getting updates on people I've lost touch with...becomes overshadowed by crap.
I've been playing with my Twitter account a bit. I turned to it as an alternative to Facebook, which seems to be largely a cesspool of stupid non-authoritative "quizzes" and little games that you play and brag about how many jewels you've accumulated or how your virtual garden is doing instead of actually growing vegetables in the real world. The one thing I did enjoy doing...getting updates on people I've lost touch with...becomes overshadowed by crap.

Before this goes too far off base, I started using Twitter. Here are some observations:

Bots are remarkably prevalent on Twitter. And they get shut down really fast. I was followed within minutes when I created an account by two "hot babes" that wanted to have me "get to know them better". Periodically I'm still being followed by bots. The accounts are shut down almost immediately though.

Some people really like using their celebrity status to advertise. Constantly. One person I respected as an actor kept plugging a product every other tweet. I no longer respect him so much.

I've yet to really find a compelling reason to use Twitter for an actual purpose. It's very possible that I'm simply the most boring person in the world. I hear people like Mur Lafferty and Jeff Atwood say they'll post a question on Twitter and within minutes they get replies. This leads me to suspect that Twitter is a really useful thing if you already have a small army of followers. For people like me...not so much.

I try using it to kind of keep tabs on my day. So far only my wife reads it. My own reader is kind of a pain because many of them apparently don't archive the tweets well or sort them very well. At least blog readers have archives and search.

I do get the occasional useful link or story. There one that Mur posted about that I started following because the woman literally posts new tips for writers every half hour. The problem is the previously mentioned issue with keeping up with the tweets to sort out the useful stuff after being out and about for the day.

Twitter for me seems to be like my blog only on a far more massive scale. While this blog is a small splash in an olympic pool, a tiny little ripple, Twitter is like someone peeing in the ocean. If I'm barely keeping my head above water out here on the blogosphere, Twitter drowns your voice clear out.

On the other hand, I do like some of the things I can find out there. It's a balancing act not to get inundated with information but there are good tidbits to dig out. I'm simply a little disappointed that I'm not a good producer of interesting content.

So is it that Twitter is simply littered with a lot of mind droppings from tweens and people who can't spell until the signal to noise ratio is simply too high to reasonably use if you don

Before this goes too far off base, I started using Twitter. Here are some observations:

Bots are remarkably prevalent on Twitter. And they get shut down really fast. I was followed within minutes when I created an account by two "hot babes" that wanted to have me "get to know them better". Periodically I'm still being followed by bots. The accounts are shut down almost immediately though.

Some people really like using their celebrity status to advertise. Constantly. One person I respected as an actor kept plugging a product every other tweet. I no longer respect him so much.

I've yet to really find a compelling reason to use Twitter for an actual purpose. It's very possible that I'm simply the most boring person in the world. I hear people like Mur Lafferty and Jeff Atwood say they'll post a question on Twitter and within minutes they get replies. This leads me to suspect that Twitter is a really useful thing if you already have a small army of followers. For people like me...not so much.

I try using it to kind of keep tabs on my day. So far only my wife reads it. My own reader is kind of a pain because many of them apparently don't archive the tweets well or sort them very well. At least blog readers have archives and search.

I do get the occasional useful link or story. There one that Mur posted about that I started following because the woman literally posts new tips for writers every half hour. The problem is the previously mentioned issue with keeping up with the tweets to sort out the useful stuff after being out and about for the day.

Twitter for me seems to be like my blog only on a far more massive scale. While this blog is a small splash in an olympic pool, a tiny little ripple, Twitter is like someone peeing in the ocean. If I'm barely keeping my head above water out here on the blogosphere, Twitter drowns your voice clear out.

On the other hand, I do like some of the things I can find out there. It's a balancing act not to get inundated with information but there are good tidbits to dig out. I'm simply a little disappointed that I'm not a good producer of interesting content.

So is it that Twitter is simply littered with a lot of mind droppings from tweens and people who can't spell until the signal to noise ratio is simply too high to reasonably use if you don't already have an audience? Or is the blame squarely on the twitter user if they're not interesting enough to gain an audience of anything that isn't a bot?

Tuesday, October 13, 2009

I Hate Blogger Usability Bugs (and Website Bugs in General)

I've spoken about neat features with Blogger involving pre-writing blogs and posting them with a "Scheduled" feature so I can write, say, blogs for the next three days and have them automatically appear. I can take a weekend off while still keeping content flowing.

But there are real glitches that, to put it lightly, tick me off.

I decided to find out what would happen if you have a brain fart and forget that September has 30 days. I scheduled an entry for September 31st.

The intelligent thing to do is for the application to see that you scheduled something for 9/30+1 day, and wrap it to 10/1 automatically.

This doesn't work. It publishes it immediately. That review for Diet Myths I did on 9/13? It was supposed to be today's entry.

Oh! I'll go back and edit the date so it appears later on. No harm, right?

No dice. I could probably delete the post and put it in as a new one, but otherwise...nope. Oh, it changed the date alright. On 9/13, when I wrote it the entry was still there but the blog entry was still visible. It just had the date set to 10/1 at the top.

Argh! So what then? Every day it stays at the top, since the date is set in the future, and visitors to the site will see it every day as my most recent story?

Not only is it bad form but my Aspergian mind would probably warp itself until it imploded at seeing something so out of whack. I immediately changed the date back to 9/13 and kept two blog posts for the day, resigned to the fact that I would just have to have it appear earlier than I planned. I filled in the entry that it was supposed to take with a bitching rant on poor usability. This entry.

Seems like Blogger would be better fleshed out. Apparently not. So if you're taking advantage of the pre-dating and pre-scheduling features of Blogger, keep in mind it's too stupid to adjust for your mind farts when it comes to dating items.

Along the same line glitches and bugs can occur in more serious forms. I noticed a bug in my primary bank's website. I was logged in checking on funds for paying bills, a really wonderful fun activity. I saw my wife hadn't transferred funds in yet. I asked her about it, she sighed, signed in on her computer, and transferred some money in so I could pay bills.

I viewed my accounts. No money changed. I viewed account details, and I saw the amount she transferred in; but it wasn't showing up under the totals. I switched views, refreshed, everything. The amount she transferred showed up under details but would NOT show up under available amounts. I logged off the bank site and logged back in, then everything showed up just fine.

Apparently the bank software doesn't handle changes made to the joint account when the two owners of said account are manipulating it at the same time. This is a DEFINITE possible exploit, and given enough time I'm sure there's some way to use this information to a black hat hacker's advantage. At a bare minimum it shows some poor programming protection for the site, and it also is annoying as hell to think they didn't think that it would be possible for a joint checking account to be accessed by the owners at the same time, and apparently it may have issues with handling changes in amounts showing up properly.

I'm sure there's plenty of behind-the-scenes reasons that this is a problem. I don't care. For the end user, this shouldn't be an issue.

That's the end of my complaints for web applications for now. It's a little scary that sites accessible by so many on the webbertubes could possibly take advantage of glitches, bugs, and outright security holes on websites holding my personal information. At worst, they're annoyances, like the one I found in Blogger. It's elementary that the application should compensate for something as simple as the user screwing up a date, and when there's a mistake it should be able to know that the user is trying to schedule the entry to show up in the future and thus if the date is greater than the current date, hide the damn thing. At worst, the site is showing a potential condition that can be taken advantage of, like the one I found with the banking site. It could be innocuous but glitches like that in the hands of math and logic geniuses can lead to some really interesting exploits (don't believe me? Read the story about Mac keyboards having their firmware exploited. Yes, that's right, your keyboard would be used to spy on you.)

Friday, October 9, 2009

Is Your Workplace Proactive or Reactive?

Reactive:
1 : of, relating to, or marked by reaction or reactance
2 a : readily responsive to a stimulus b : occurring as a result of stress or emotional upset <reactive depression>
1 [1pro-] : relating to, caused by, or being interference between previous learning and the recall or performance of later learning <proactive inhibition of memory>
2 [2pro- + reactive] : acting in anticipation of future problems, needs, or changes
I've been thinking about this in my workplace lately. I've had the revelation that much of my induced stress is related to the fact that my job is largely reactive. In my workplace we are encouraged to respond to requests for assistance and repairs. We are essentially on a treadmill where every day is another pile of problems, and no matter how much extra time you put in there's still another wave that threatens to sweep you away the next day.
I've had my doctor...nay, two doctors...tell me I need to reduce my stress levels. My blood sugar levels (I'm a diabetic...you knew that, though, after following my bariatric surgery progress, right?) seems to fluctuate, in part, in reaction to stress at work.

There's little in the way of a consistent methodology of measuring progress. You may have read this entry on how important that can be in the workplace.
Essentially the work environment is entirely dependent on putting out fires and there's no sign of those fires stopping. Ever. This makes it a reactive environment where we are always reacting to the next problem.
In a proactive environment we invest in the future. We would spend time trying to make things fireproof instead of putting out the fires after the fact. It could mean more training, making things easier for people to use (or for us to fix after the problems become apparent), and/or generally trying to head off issues before they become issues. It means investing time in intangible things like training the employees (including myself) and things that don't necessarily make quantifiable returns on a balance sheet, but improve morale and quality of life.

I work in a semi-professional position. In truth it is professional, but it is regarded as something less, and while it gives me less respect I suppose I do benefit in that I get taxed less for it (yes, we get taxed for having a job. They call it an occupation tax. I have another less family friendly name for it.) But I bet that just about any job can have steps taken to be more proactive than reactive.

This is just a thought that's been bouncing around my head lately. Maybe it's a personal preference; do you work better in a proactive or reactive environment? Which better describes your work environment? And does it affect how you feel about your job?

Saturday, September 26, 2009

Should You Call Or Email?

I do a lot of tech work. Support-type functions. Repairs. Fixes. Configurations.

I'm also wired with the Aspergian mind. That doesn't help with being patient with people when they don't listen.

But this topic isn't just for people like me. It affects everyone to some degree.

See, one of the high-on-list peeves is when people call on the phone for something that they could have emailed about. It drives me nuts because whenever the phone rings and I answer it, it draws my attention away from what I was focusing on. Even if it's just to answer a quick question, it takes me time to get refocused on what I as doing before the phone interruption.

The part that really steams me is when they call, the person they want to talk to (there's others on the multiline system I'm sharing) isn't available, and they say, "That's okay, I'll just send them an email."

Then WHY DID YOU CALL?

If it's not something you need an immediate answer to, email it. It gets neatly queued to be handled when I have time to handle it. I have a paper trail. I have a reference.

You interrupted me because a phone was handy and you had a brain fart?

Ugh.

Then I have to try to refocus on the task at hand. For tech people, once you're "in the groove" you tend to be more efficient, and interruptions lead to mistakes, possibly bad ones if I'm doing something that could affect others (mail server alterations, anyone?)

So here...if you have something you want to communicate, and it isn't something that requires an immediate answer, email it. Ask yourself: "If the person I want isn't available, will I just email the message to them instead?"

If the answer is yes, EMAIL IT. We'll thank you for it. Or at least not curse you for forcing me to figure out what the hell I was working on before you called.

Friday, September 25, 2009

Spotting Snow Leopard

I just installed OS X 10.6, Snow Leopard, on the one Mac I routinely use.

So far there's not much to love to the experience other than it just works. But I've had that experience most of the time with the Mac.

Snow Leopard is the latest operating system release from Apple. It has several refinements and improvements; they just are more or less hidden and are meant more for developers and techies than end users to enjoy.

Some notes...it doesn't run on PowerPC systems (the processor that was used before Apple shifted to the Intel platform). The PowerMac G5 my toddler son uses will forever be locked in at OS X 10.5 at most.

SL is smaller than 10.5. Like 7 gig smaller (some people are saying they're getting more space reclaimed). Nice.

The installation was simple. A couple of clicks...sat there for twenty minutes...rebooted, done. And by a couple of clicks, I really mean a couple of clicks. Simple as they could make it.

There are some refinements to memory footprint (how much space is taken by the operating system, meaning more memory free for your applications).

There are baby steps towards running 64 bit applications. Apple is mixing things slowly here...the default kernel for the operating system is 32 bit on most systems. You can force it to boot to 64 bit mode by holding the 6 and 4 keys at startup. First, though, you have to be aware that some of the drivers won't work with that mode so you'll lose some functionality if you try that. Not that it's a big deal. The only real reason I've ever found for running 64 bit operating systems is to address gobs of memory (by today's standards)...over 4 gig in your machine, you need a 64 bit operating system. Most home users don't have this worry.

OS X now has some simple anti-malware built in. I guess it will download updates from Apple to scan for them automatically, but really I consider this to be a bit of ineffective fluff.

There is some criticism I heard on MacOS Ken about the 10.6 system being considered insecure because it doesn't do address randomization. Basically, if portions of a program are in a known location of memory then malware...bad stuff...can easily find portions that are vulnerable and target it for hacking. Malware overwrites part of a buffer, executes it, and "boing"...it takes over the computer. Address randomization uses techniques that make it impossible for user code to know where exactly other programs (or operating system components) are located in memory, and while Apple hints that they're working on this they don't currently have the ability in OS X. Windows has had this ability for quite some time and is the default ability of Vista. Not a huge concern right now but it would be nice to have that built in, much like the ability for current Macs to defrag files on the fly in the background (did you know it did that? Search for "On-the-fly" in the article).

Another disappointment, though, was that ZFS was dropped in Snow Leopard. Hints indicate Apple may still be working on it but they haven't commented on the lack of it despite early beta work on integrating the filesystem drivers. Some speculate it's a licensing issue. It's a largely cool filesystem that has a lot of REALLY NEAT features...really hoping Sun Microsystems gets their heads out of their colons and open sources it.

Overall, Snow Leopard is faster and more responsive and is largely a foundation improvement over previous versions of OS X. There's a lot of under-the-hood work done and Apple knows there's not a lot for end users to drool over; they priced it at only $30. Wow! They wanted users to have incentive to install it for the enhancements probably to ease a transition into something more drastic down the road, and judging from the number of hidden changes (see the Wiki article at the beginning of this post if you're interested) the next iteration of the cat will be something quite interesting...