Conficker Hits the 7 Million Mark (and Computer Immune Systems)

Wow...Conficker has hit the 7 million infection mark. A year after being discovered a security firm now estimates that it has infected 7 million computers.

Most system administrators aren't too surprised at this. Anyone running a system connected to the Internet with just about any kind of server sees hits in their logs from systems that are infected with various worms, many of which are years old and patched back in the days of Windows 2000.

Conficker was a nasty but discoverable infection because in larger businesses and school there are often security measures in place to stop users from brute-forcing account passwords; this would mean that you would try to break into bob's account by using his username and guessing his password. Sit there long enough trying either random passwords (bobpassword, god, mypassword,...) or every iteration of the alphabet (a, aa, aaa,...abb, abc, abd,...) that eventually you get the password. Most corporations place a limit on the number of times you can screw up your password before the account is locked out and the user must call their IT department to reset it.

One method of spreading used by Conficker is to try random accounts and then fire away with a password brute-force attack, so then the school, business, or government agency suddenly finds most of their users locked out of their computer accounts. Of course this is a gross simplification; the Wikipedia article linked at the beginning of the post goes into detail on how this works and what variants used these methods.

So how is it that a worm, with known signatures, with known patches, with antivirus vendors and microsoft itself knowing how to remove it with its own malicious software removal tool, is still so virulent in the wild?

Several reasons are possible. One is that many of the infections are coming from pirated copies of Windows in use out there that are locked out of getting Windows Updates from Microsoft. Pirates don't tend to care about how their behavior affects other users out there, as long as they get their free fix of software to run their favorite software titles.

Another is that users are simply ignorant of keeping their systems updated. Despite the efforts to automate Windows Updates and make users pay attention to updating their systems, I still run into systems that are running old and outdated software, like the recent case where I had a system in our corporate lan configured by an outside agency that was running a "release candidate" (read: beta) of Service Pack 3, and after remedying that the PC was slammed with waiting post-SP3 updates. Home users are worse; they usually turn off their computers when not in use, so updates cannot be run overnight as they're usually automated to do (or run automated antivirus checks as many of those are defaulted to do), or dialup users turn off their connection to the Internet so updates can't be run.

Even when automated there are plenty of cases I run into where bugs and glitches with Microsoft's own updates end up breaking Windows Update, or installing update C means needing updates A and B installed first and often I've had Windows say it's done with Update A until it's rebooted...then it starts downloading update B, while the user thought he was completely up to speed with fixes.

In other words a home user needs to be diligent in keeping his system up to date and monitoring it for odd behavior. Most aren't. They expect their computer to be like a car or TV; an appliance that doesn't need any updating unless it directly affects them, such as not running the latest video game until they install a new driver. Since they're not interested in learning about how to be responsible with their computer in order to use it they write off such things as "I'm not a computer person" (which still doesn't stop them from using it).

Meanwhile these home users and ignorant corporate IT departments that don't maintain their systems are busy slamming other people on the Internet with their infected systems. It doesn't bother them that worms like Conficker are designed to take remote control of their computer for attacking other targets on the networks (such as launching a denial of service attack against a business) or stealing your personal banking information. As long as they can surf the web and read their email and play video games, they're happy.


Until computers gain some ability to use a self-protection system akin to an immune system, invisible to the user, and not requiring (or at least necessitating) online updates in order to heal, people will continue to blithely spread years-old worms and viruses. A sad state of affairs that is yet another reason I hesitate recommending any involvement in an IT-centered career at this point to new people (many of whom, I've found, also are spreading computer viruses through the same self-centered attitudes towards using their computers).

The Abomination that is Windows Vista

I recently had cause to work on a system that another department had ordered a few years ago with Windows Vista Home Basic on it.

It reminded me all over again of all the things I hate so passionately about Windows Vista.

I recently blogged about my trials and tribulations involving the fact that there's no default administrator account while I had to reset the password for the default administrative user on the system in question. It was irritating, but followed the trend of other operating systems; "hide the administrative user behind another layer so people who don't think before hitting Enter will have another hurdle to cross before destroying their system."

The more I worked with this computer, though, the more agitated I became. The computer wasn't really a slouch. It was a core 2 duo with a gig of RAM. Yet I booted it, it would pop up with a welcome screen. Log in. Goes black. Comes back up. Flickers back out. Comes back up. I think at a couple points in the troubleshooting I turned off the computer accidentally, thinking that it had crashed when it went black for more than ten seconds.

My first computer ran DOS and Windows 3.1 on a 486SX-25 processor and 4 meg of RAM. That system even ran a beta of Windows 95. 4 meg of RAM. The is like comparing an 86' Chevy to the starship Enterprise. And Vista was killing it.

I had to reboot it several times over the course of upgrades. The upgrade mechanism was infuriating. There was very little feedback; it would sit at the prompt that it was checking for upgrades at 0% for ten or fifteen minutes at a time. When I thought it had crashed, it suddenly jumped to 40% complete.

Other times it would come up and say I had 4 optional addons (after several rounds of updates completed). Done? Nope. I clicked "check for updates" (again) and it suddenly found another couple of updates waiting.

I was even more agitated earlier when it installed a whole group of updates...twenty or thirty...then I attempted to install Internet Explorer 8. It wouldn't. The install program would just "disappear", no warning, no nothing. I downloaded it four or five times.

I broke down and downloaded the standalone installer to another folder and ran it from there. It failed, this time leaving a link on the desktop with a potential fix. Between that and checking my trusty friend Google, I was told to check Windows Updates first. Then there was a little note saying that Vista with SP1 didn't need this, and IE8 would install fine with Service Pack 1 installed.

No...service...pack...one?

I went to Microsoft's site and downloaded a FOUR HUNDRED MEGABYTE service pack. And installed it.

Then installed IE 8.

You can rightly assume there were three or four reboots involved.

And I nearly screamed when it said there was another 200 megabytes of updates waiting for me after those were installed.

I had to attempt to install those updates about four times. Each time, some installed, others failed due to some vague error. A reboot and retry would yield a little more progress.

You can rightly assume that I was getting more and more agitated at this.

After all these updates, Windows Updates decided that there was a service pack 2 waiting for me.

If you didn't know, most service packs roll previous fixes right in. So if you install service pack 2, you already have all the fixes that came before it. That way you don't have to install service pack 1then 2. You install 2 and get all the fixes since the operating system was released up to that point.

I was incensed and furious. What kind of braindead monkey designed this update system?

All this time I was working on getting the antivirus working. In the corporation we use Vexira antivirus from Command Central. It's not my favorite.

Vista doesn't seem to love it either. I right click on the tray icon and tell it to update itself. The update console doesn't come up. Instead some "interactive service dialog" pops up. Click it, and it takes me to some kind of privileged desktop that hides the things I was actually working on so I can see the antivirus update console.

With a heavy sigh I told it to start updating. It dutifully began downloading a new version of the antivirus. The computer sat for about a minute.

And went dark.

Another "flicker out"? WTF?

I moved the mouse and the login screen pops up. It said my administrative user was "already logged in", but...huh?

I couldn't find any way to shut that off. Unless I keep moving the mouse while in that "interactive desktop", the @#% thing would drop me to the login prompt after a minute or two.

This didn't happen at the regular desktop. Couldn't find a setting to stop this from happening in power settings or desktop settings or the user account.

I would have checked the local user policies, but because of Microsoft's crappy ranking system of their operating systems they don't include the policy editor with their home edition of Vista. Same operating system as their "business" operating system, but artificially crippled by cutting out utilities that could actually help the users in need of troubleshooting...another reason I moved to Linux in the first place. If your system couldn't act as a server it's because the hardware or software couldn't handle it, not because of someone's idea of a fair market or sales policy found posted in their colon or some other artificial limitation in the software.

Supposedly Windows 7 fixes a lot of the usability snafus and glitches. I hear lots of praises for it. The problem is, I don't care. I've had enough frustrations with Windows. I've spent years finding workarounds to various glitches in Windows 2000, then XP, and now I'm expected to leap again with Windows 7.

I'll do it because eventually I'll have to. But I can't enjoy it anymore. I used to be enamored by technology; I loved jumping into the theory behind multitasking operating systems and handles and filesystems. I used to devour articles in Byte magazine that compared various operating systems and how they worked and compared to each other in architecture. I think I still have magazines in storage that had information on the great OS/2 vs. NT debates.

But today it's no longer a question that interests me. The arguments don't focus on usability or architecture so much as how much the OS can be dumbed down for users; the Vista control panel tries to communicate in plain English concepts that for tech people would be much better served with straightforward checkboxes and text boxes for values. I don't need handholding and friendly web-like links asking if I'd like to change my password, thank you.

There aren't any companies really trying to innovate in operating systems. There are three; Apple's OS X, Microsoft's Windows, and Linux. That's it.

There is a convergence in features and eye candy that suck up resources like crazy. I remember my old computer was perfectly adequate for my tasks. Today you couldn't even get a common OS distribution to boot on a system with those specs.

I've played with BeOS, AmigaOS, Linux, MacOS, OS X, DOS (MS, IBM, Novell), Windows from 3.0 to 98 (we don't speak of ME), NT from 3.1 to Vista, Netware, and several small and hobby OS's like QNX and ReactOS and others too small to name here. Today most of the projects are gone. Except, of course, for Windows, Linux, and OS X.

Vista was a reminder of what I hated about this trend. Technology is exciting today with new devices; the Kindle. The Nook. The iPod and iPhone. The web. Operating systems are so bland and commodity that they're not really even worth looking at anymore.

When operating systems frustrated me before it was because of my own limitations and lack of knowledge. I had to expand my understanding of how the system worked in order to bend it to my will. Today the frustration is being designed into the operating system. "Are you sure you want to run this?" "Do you really want this program to run?"

Or all the times I'm searching for a function that disappeared from the previous version of Windows. It's infuriating when I know what I'm looking to do and can't because I have to interpret the "natural language" version of the interface.

Or I have to click to open the C: drive, then confirm that yes I want to see this files, then click on Program Files, and again confirm that I wanted to see the contents of the folder.

At that point I really can't help but re-examine my job duties. It's one thing when I can't get something to work because I'm lacking information. Learn more about LDAP. Learn more about TCP/IP. Learn about priorities and file handles and applications to monitor I/O. Read read read. But to have an operating system act like it knows more than I do, and actively get into my way when I'm trying to configure it or set something up?

I'm tired of it.

And now Microsoft is promising, just as they did with Vista, that Windows 7 is better than anything they've released before.

Yeah, right. I'm going to go back to my corner and browse the web with my iPod.

Windows XP SP3 v. 3264 (Or, "The pre-release version of Remote Desktop Connection has expired...")

Here was an interesting problem today.

I was working on an "import" for a client. By import, I mean this computer technically belonged to another agency that is working within our network because of a leasing arrangement; we didn't set up the machine, but it was on our domain, authenticated to our domain servers, and ran some software we run because it's expected that we babysit the system and maintain it while on our property, but the computer itself isn't owned by us. Clear as mud?

The machine itself was somewhat decent. One of those budget E-Machines, 2.x Ghz with a gig of RAM. Decent enough for most users online chores, running Windows XP. I was annoyed at it since it won't run X on a RIP Linux CD (just keeps stuttering to the command prompt, and xsetup doesn't seem to like the video chipset).

The user ended up needing a home directory set up so they'd not be tranferring a 400 meg profile with them (who's the genius at MS that designed it so that "my documents" was part of the profile? If a home directory is defined, why not make it *automatically* point to that location instead of forcing admins to hack away at settings to redirect it? Stupid stupid stupid...)

No problem. Just open up the RDP client...start,...programs...accessories...click on the client. Voila! What the hell?

"The pre-release version of Remote Desktop Connection has expired. To download teh full version of Remote Desktop Connection, go to Windows Update or contact your system administrator."

Um...okay. Run Windows Update. Nope...no update available there.

Wait, did it say pre-release? I checked the version of Windows. It was Windows XP Pro SP3 v. 3264. I did a double take at that...what's the v. 3264?

Google. It's running a release candidate for service pack 3? Who's the chucklehead that did that? And inflicted it on a technology illiterate user? These are wedgie-deserving offences. Worse, if this draws into a problem where I'm going to go all Hulk on someone.

Google for a fix to the terminal issue. @#%...replace  a couple files under Windows' System32 directory. Didn't work. Replace two .mui files under en-us in the system32 directory. Still no joy.

Weird...

I pulled a copy of the ginormous service pack off our network share and run the setup. Goody. Takes forever, but it actually ran without complaint, and in the process fixed the RDP client. Know what else it fixed? A small flood of back hotfixes and security updates labelled for service-pack-3-no-freakin'-RC-version.

I don't know if the company behind those Walmart special E-machines installed a @#$% release candidate service pack or if their "tech person" did it, but anyone that installs a BETA of a SERVICE PACK on a user's system that is then turned out into the world to fend for themselves should be stabbed with shards from broken DVD's.

If you encounter that weirdo message about the RDP client expiring, try reinstalling SP3. The full version. Not some crippled beta.

Windows Vista and the Administrator

Well, I'm typing this on the eve of Windows 7's release and by the time you read it it will have been out for a month. Nearly.

It's being hailed as the next big thing, perhaps even big enough to erase that abomination that was Windows Vista.

I had occasion recently to have to work on a laptop running Vista Home. Most of the systems where I work are still running Windows XP for two reasons; it works (relatively) well on the cruddy hardware we have, and it is nowhere near as infuriating as Windows Vista.

My task was to clear a password for an administrative user on the laptop because the admin password had been lost.

Believe it or not, this is normally ridiculously simple. I boot with my trust RIP Linux CD, mount the hard disk, and then run chntpw to wipe the password. Reboot to Windows, log in. Done this hundreds of times with XP and have had no problems. Easy peasy.

Given that Vista is largely XP with more hassles layered on...well, okay, given that Vista is still the same basic code base as XP, it still uses the SAM portion of the registry to save password data. Shouldn't be any issue with wiping the password.

I booted, mounted the drive, checked for a /mnt/sda3/windows/system32/config/SAM file, and ran chntpw. Rebooted.

Um...where's the administrator?

Turns out...THERE ISN'T ONE! Surprise! On me!

By default the administrator account is turned off. Instead there's an administrative user account used by the system. Otherwise you have to go and enable it on Vista Home using a boot disk and command prompt. Check it out here.

So apparently I cleared a password for a user that doesn't work. @#$%

I was irritated. This was one of the few constants I have counted on in my administrative duties, having an administrator account available. Systems fall off the domain, systems have issues that necessitate a login to the local machine, now it doesn't work quite right.

I shouldn't be quite so irritated. Many Linux distros have started moving away from having the root user enabled, forcing you to instead use sudo to gain privileges. Ubuntu does it and OS X does it, both of which I use constantly.

I guess my main peeve is that those are systems I use. I know them. I generally can find my way around under the hood. When your job means having a system dumped on you with no back history available and the directive to get it working, though, this adds another layer of frustration since now I have to figure out another piece of the puzzle just to log into the damn thing.

It goes back to usability. One of the strengths of the Mac was that Apple was the most anal retentive companies about how their system appears and how your application looks and behaves. If you ask the user what word is in the upper left corner, it's going to be the active application. In Windows you have to guide the user ever so gently into figuring out which menu bar is highlighted to figure out the current window that is active. Menus may or may not follow the same order (you can imagine the calls and hair loss after Office 2007 was released with their wonderful redesigned ribbon bar for a menu...)

The ability to have a quick and easy way to log in was something I took for granted. No matter which head twitch configured the system or what knob had screwed it up, I could use administrator on the local machine to log in. No more.

I read that windows 7 continued the new tradition. Just another reason to want to cry some days in the tech pits, I suppose. It would be different if more people were knowledgeable about the tools they're misusing, but such is life.

In case you're curious, which you might not be, I did get into that system. I figured out which user from the menu was the admin user and then booted back to rip, and this time used chntpw with the -u parameter to specify the username whose password I wanted to erase. Voila. Worked.

*sigh*

The Mac Isn't Always User Friendly

I really like using the Mac. I recommend home users look at using a Macintosh if they don't have a specific reason to use a PC. They tend to be safer and easier for people to use, and in the end, users don't care about the politics of their operating system. They just want to surf for games or porn and read email. Usually, anyway.

But just as every Batman has his movie Batsuit with nipples and every Star Wars has a Jar Jar, even the best Macintosh has it's horrible albatross. Albatrosses. Albatrossi?

I'm fighting one right now. In order to connect to the network at work from home, I have to use the accursed Cisco VPN client. I hate it. I hate it, I hate it, I hate it. I had in on once long ago and it screwed up my network configuration. I eventually tried using it again and while it seemed to work okay (after getting the correct version, since the version on the router and the version on the computer have to match within certain specifications or it just magically would fail...seems encryption standards apparently aren't standard enough to survive small revisions in version numbers) I am now getting an error about not being able to find an active network connection over which to connect, so the client wouldn't start.

I Googled (over my interface that the Cisco client insists isn't there) and found references to restarting the VPN subsystem from the command line. Okay...tried...can't find it. The logs say it doesn't know anything about that service. Oh dear...

Another reference I found online said to repair disk permissions. This seems to be the new "rebuilding the desktop" for the Mac (if you know that reference you're either a longtime Mac user or a true geek at heart). Seems that every bloody time I find an issue on the Mac the first thing suggested is to repair disk permissions.

What? I've been using Linux before X Windows was run by default at startup. That's right, I had to actually configure X and type "startx" at a command prompt. Both Linux and OS X are, under the hood, a form of UNIX (purists would no doubt get their panties in a twist at that, but tough. For my purposes here it's true enough) and they both use similar forms of permissions on files. I don't recall EVER having to run a utility to fix permissions on Linux. I don't have files randomly changing their permissions. So why is it that under OS X it seems to just decide, arbitrarily, to change permissions on random files?

There doesn't seem to be any rhyme or reason to it.

What I really wish I could do is just run SSH to create my tunnels for what I need to do. The boss said that the Cisco VPN client was superior and decreed that SSH would be cut off. "One less possible vulnerability".

The result has been, for me, far more headache. Not only do I need a special client that is available for certain clients (I think there's sort of a Linux version. Maybe. As long as I am running a certain range of libraries and dependencies that match to their client software) but that same client software seems notoriously flaky and problematic. I have yet to see why this is superior to the old way of using methods that are open standards.

Excuse me while I go rock in my corner while waiting for my "repair permissions" to complete and then hope that it works after a reboot...

Common Sense...Where Did It Go?

Here's a question that burns me. What has happened to common sense?

Maybe this is more of a venting than anything else. The rational part of me says that people do things that seem to lack common sense because I'm not seeing the world through their eyes with their priorities. Maybe my mechanic thinks the same thing about me not seeing the importance of rotating my tires. I don't know.

But some things still just floor me.

I work in IT, as you know. I repair systems and do maintenance and half a dozen other things that are considered gruntwork done by someone off the street even though 99% of the coworkers profess they aren't "computer people" and have no idea how to do what I'm doing. Irony is a good friend of mine.

I was doing a set of updates on a coworker's system. She left the room to do something else, and I had happened to have a schedule to keep (namely wanted to take care of some things at home so I couldn't be an hour and a half late as is often the case). Plus my boss likes making me feel like dirt if I'm "wasting time" by not doing multiple repairs at the same time. So I figured I'd try it his way and let him have the "I told you so" moment.

A reboot of the laptop in question came up and said there were still more updates. This time? Service Pack 3 for XP. I didn't even realize this person hadn't reported it was out of date by this much. She'd apparently had it at home during upgrade times for so long...yikes!

So I started the update. For those who don't know, service packs are big. They're really big. Like on this laptop we're talking an hour of work. So I hit control-alt-del, locked the workstation, and went to another room to get two more tasks checkmarked off.

(Note-locking the workstation means that when the user comes back, it says they have to hit control-alt-delete and log in as the administrative user because the system is currently in use, and if you log in with administrative privileges it warns that the other user will be logged out and unsaved work will be lost).

I didn't think much of it. The user is college educated. She surely can read. I left and came back an hour later, hoping to have it at a point where I could basically button it up until the next day or so to complete other minor updates that wouldn't take anywhere near as long (hopefully).

I came back to a computer that was shut off.

She apparently came in and shut everything off. Mid upgrade.

Again, if you don't know...service packs replace a lot of SYSTEM files. As in, if it was partially working on the system and you shut it down, it could no longer boot. If she shut it off during a file operation, it could have damaged the filesystem as well. Basically she rolled the dice to find out if her computer was completely and utterly screwed up now.

She ignored the warning.

She ignored the fact that I was doing upgrades (she knew I was working on it).

She didn't put two and two together that if I had locked the system and left, I was planning on coming back.

In short, my boss didn't get his I Told You So moment and I had an extra hour of work re-applying the service pack, grateful that the computer still booted after she had cut it off mid-upgrade. I got home an hour later. As usual. And a bit more ticked with yet another reminder of why I spend so much time babysitting systems when doing upgrades instead of looking productive.

Not reading these warnings are right up there with leaving pee on the lip of the toilet seat. It's common sense. Wipe it up. The warning is right there, you knew I was working on it, don't mess with it. The analogy isn't perfect since there are times where you might not notice the pee on the seat thing...but Windows, for all its flaws, will still tell you that the user is still logged in and give you a warning about unsaved work. For the love of $Deity pay attention and think. It's too easy and common for people to just disregard anything "computerized" as being out of their league so they reflexively dismiss whatever it's doing as too complicated. I'm not asking you to give the pros and cons of cooperative vs. preemptive multitasking, just to stop and use your college educated mind to decipher a warning on the screen. Or at least take it to someone else who would know! You have no idea how many people will call the help desk and just say "The computer is giving an error thing," with no elaboration. What does the error thing say? What were you doing?

I'm not magic. I'm not in the movie world where hackers can control airliners using a magic set of commands from a secret supercomputer in the bowels of the Pentagon, and I sure as hell can't divine what your issue is with a few keystrokes and the description consisting of "it gave an error."

Please...I wish people would just take a few moments to use a little more common sense. I'm paid to fix problems with the computer that you don't want to deal with. But still, I really wish you'd give an accurate summary of the problem with what is presented to you...at a minimum, the actual error message, not a paraphrased listing of jargon that you are making up as you go along. Or read the error message for a moment and see that maybe, when it says that a particular user is logged in already, think that it's in the middle of doing something that maybe you shouldn't play with.

I'm venting and I know it. Maybe others out there have had similar experiences, only in different fields. Please share! I'd love to know that this isn't a tech-only phenomena. Or at least not feel like I'm the only one having these issues.

Filtering the Web

Here's a topic that seems to get some people up at arms but the majority...not so much.

My daughter's school, like all US schools (if they want federal funding) must use some kind of web filtering.

I'm kind of torn on that issue; I don't normally agree with censorship, but if everyone approached technology like I do then it wouldn't really matter. I don't really care about what's out there. It's like censoring math or technology. This stuff is out there. Sheltering people from being exposed to it is just pretending it isn't there. And if you didn't realize it already, life ain't like it was depicted in Leave It to Beaver.

I'm continually amazed that television was actually regulated down by the powers that be...the people who had the power to produce TV shows at the time...to the point where it was pretended that married couples didn't sleep in the same bed. Shows like I Love Lucy were considered breakthrough...she got pregnant! And they slept in the same room! I wonder if the two were related?

If you read your history you will find that life was most certainly more raunchy and baudy then ever depicted in media. Hiding this fact doesn't make it magically erase from history.

In my view, in my own little mental world, we can be responsible for what we view and do.

Just as with the real world, there are horrible and wonderful and amazing and scary things on the Internet.

That's my view. Unfortunately, I know some teenagers.

I see the Internet as a vast resource. A library. A diversion. A creative outlet. A medium on which to paint my feelings, my hopes, and find others expressing themselves as well. It's a way to find news and find new ways of thinking about things and ideas and events.

Most people see the Internet as just a toy. It's a way to get free music. It's a way to play cheap Flash games. It's a way to find boobies.

I'm not against games. I'm not against music, or boobies. But that's not all I see the Internet for. Most users that's pretty much it. It's not a tool for creativity, it's an extension of the television set with more possibilities for explosions, violence and boobs.

In other words, it's an extension of passive entertainment.

If others would truly utilize the Internet to exploit the possibility of leaving a fingerprint in our short lives perhaps things would be a little different. Instead it's just a way for people to forever send forwarded messages to each other.

While I don't support censorship and the ethical questions that come into play when you broach the subject, I do think that I've seen way too many teenagers waste time and resources...like their lives...on silly passive activities on the Internet instead of using it as a tool for creating. I think they should earn the right to look at webberboobs. I think they should pay in learning before shifting from drooling in front of the TV to drooling in front of the keyboard.

This is just the 10,000 foot overview on the subject through my glasses. What do you think?

Been Playing on Twitter

I've been playing with my Twitter account a bit. I turned to it as an alternative to Facebook, which seems to be largely a cesspool of stupid non-authoritative "quizzes" and little games that you play and brag about how many jewels you've accumulated or how your virtual garden is doing instead of actually growing vegetables in the real world. The one thing I did enjoy doing...getting updates on people I've lost touch with...becomes overshadowed by crap.
I've been playing with my Twitter account a bit. I turned to it as an alternative to Facebook, which seems to be largely a cesspool of stupid non-authoritative "quizzes" and little games that you play and brag about how many jewels you've accumulated or how your virtual garden is doing instead of actually growing vegetables in the real world. The one thing I did enjoy doing...getting updates on people I've lost touch with...becomes overshadowed by crap.

Before this goes too far off base, I started using Twitter. Here are some observations:

Bots are remarkably prevalent on Twitter. And they get shut down really fast. I was followed within minutes when I created an account by two "hot babes" that wanted to have me "get to know them better". Periodically I'm still being followed by bots. The accounts are shut down almost immediately though.

Some people really like using their celebrity status to advertise. Constantly. One person I respected as an actor kept plugging a product every other tweet. I no longer respect him so much.

I've yet to really find a compelling reason to use Twitter for an actual purpose. It's very possible that I'm simply the most boring person in the world. I hear people like Mur Lafferty and Jeff Atwood say they'll post a question on Twitter and within minutes they get replies. This leads me to suspect that Twitter is a really useful thing if you already have a small army of followers. For people like me...not so much.

I try using it to kind of keep tabs on my day. So far only my wife reads it. My own reader is kind of a pain because many of them apparently don't archive the tweets well or sort them very well. At least blog readers have archives and search.

I do get the occasional useful link or story. There one that Mur posted about that I started following because the woman literally posts new tips for writers every half hour. The problem is the previously mentioned issue with keeping up with the tweets to sort out the useful stuff after being out and about for the day.

Twitter for me seems to be like my blog only on a far more massive scale. While this blog is a small splash in an olympic pool, a tiny little ripple, Twitter is like someone peeing in the ocean. If I'm barely keeping my head above water out here on the blogosphere, Twitter drowns your voice clear out.

On the other hand, I do like some of the things I can find out there. It's a balancing act not to get inundated with information but there are good tidbits to dig out. I'm simply a little disappointed that I'm not a good producer of interesting content.

So is it that Twitter is simply littered with a lot of mind droppings from tweens and people who can't spell until the signal to noise ratio is simply too high to reasonably use if you don

Before this goes too far off base, I started using Twitter. Here are some observations:

Bots are remarkably prevalent on Twitter. And they get shut down really fast. I was followed within minutes when I created an account by two "hot babes" that wanted to have me "get to know them better". Periodically I'm still being followed by bots. The accounts are shut down almost immediately though.

Some people really like using their celebrity status to advertise. Constantly. One person I respected as an actor kept plugging a product every other tweet. I no longer respect him so much.

I've yet to really find a compelling reason to use Twitter for an actual purpose. It's very possible that I'm simply the most boring person in the world. I hear people like Mur Lafferty and Jeff Atwood say they'll post a question on Twitter and within minutes they get replies. This leads me to suspect that Twitter is a really useful thing if you already have a small army of followers. For people like me...not so much.

I try using it to kind of keep tabs on my day. So far only my wife reads it. My own reader is kind of a pain because many of them apparently don't archive the tweets well or sort them very well. At least blog readers have archives and search.

I do get the occasional useful link or story. There one that Mur posted about that I started following because the woman literally posts new tips for writers every half hour. The problem is the previously mentioned issue with keeping up with the tweets to sort out the useful stuff after being out and about for the day.

Twitter for me seems to be like my blog only on a far more massive scale. While this blog is a small splash in an olympic pool, a tiny little ripple, Twitter is like someone peeing in the ocean. If I'm barely keeping my head above water out here on the blogosphere, Twitter drowns your voice clear out.

On the other hand, I do like some of the things I can find out there. It's a balancing act not to get inundated with information but there are good tidbits to dig out. I'm simply a little disappointed that I'm not a good producer of interesting content.

So is it that Twitter is simply littered with a lot of mind droppings from tweens and people who can't spell until the signal to noise ratio is simply too high to reasonably use if you don't already have an audience? Or is the blame squarely on the twitter user if they're not interesting enough to gain an audience of anything that isn't a bot?

I Hate Blogger Usability Bugs (and Website Bugs in General)

I've spoken about neat features with Blogger involving pre-writing blogs and posting them with a "Scheduled" feature so I can write, say, blogs for the next three days and have them automatically appear. I can take a weekend off while still keeping content flowing.

But there are real glitches that, to put it lightly, tick me off.

I decided to find out what would happen if you have a brain fart and forget that September has 30 days. I scheduled an entry for September 31st.

The intelligent thing to do is for the application to see that you scheduled something for 9/30+1 day, and wrap it to 10/1 automatically.

This doesn't work. It publishes it immediately. That review for Diet Myths I did on 9/13? It was supposed to be today's entry.

Oh! I'll go back and edit the date so it appears later on. No harm, right?

No dice. I could probably delete the post and put it in as a new one, but otherwise...nope. Oh, it changed the date alright. On 9/13, when I wrote it the entry was still there but the blog entry was still visible. It just had the date set to 10/1 at the top.

Argh! So what then? Every day it stays at the top, since the date is set in the future, and visitors to the site will see it every day as my most recent story?

Not only is it bad form but my Aspergian mind would probably warp itself until it imploded at seeing something so out of whack. I immediately changed the date back to 9/13 and kept two blog posts for the day, resigned to the fact that I would just have to have it appear earlier than I planned. I filled in the entry that it was supposed to take with a bitching rant on poor usability. This entry.

Seems like Blogger would be better fleshed out. Apparently not. So if you're taking advantage of the pre-dating and pre-scheduling features of Blogger, keep in mind it's too stupid to adjust for your mind farts when it comes to dating items.

Along the same line glitches and bugs can occur in more serious forms. I noticed a bug in my primary bank's website. I was logged in checking on funds for paying bills, a really wonderful fun activity. I saw my wife hadn't transferred funds in yet. I asked her about it, she sighed, signed in on her computer, and transferred some money in so I could pay bills.

I viewed my accounts. No money changed. I viewed account details, and I saw the amount she transferred in; but it wasn't showing up under the totals. I switched views, refreshed, everything. The amount she transferred showed up under details but would NOT show up under available amounts. I logged off the bank site and logged back in, then everything showed up just fine.

Apparently the bank software doesn't handle changes made to the joint account when the two owners of said account are manipulating it at the same time. This is a DEFINITE possible exploit, and given enough time I'm sure there's some way to use this information to a black hat hacker's advantage. At a bare minimum it shows some poor programming protection for the site, and it also is annoying as hell to think they didn't think that it would be possible for a joint checking account to be accessed by the owners at the same time, and apparently it may have issues with handling changes in amounts showing up properly.

I'm sure there's plenty of behind-the-scenes reasons that this is a problem. I don't care. For the end user, this shouldn't be an issue.

That's the end of my complaints for web applications for now. It's a little scary that sites accessible by so many on the webbertubes could possibly take advantage of glitches, bugs, and outright security holes on websites holding my personal information. At worst, they're annoyances, like the one I found in Blogger. It's elementary that the application should compensate for something as simple as the user screwing up a date, and when there's a mistake it should be able to know that the user is trying to schedule the entry to show up in the future and thus if the date is greater than the current date, hide the damn thing. At worst, the site is showing a potential condition that can be taken advantage of, like the one I found with the banking site. It could be innocuous but glitches like that in the hands of math and logic geniuses can lead to some really interesting exploits (don't believe me? Read the story about Mac keyboards having their firmware exploited. Yes, that's right, your keyboard would be used to spy on you.)

Is Your Workplace Proactive or Reactive?

Reactive:

1 : of, relating to, or marked by reaction or reactance
2 a : readily responsive to a stimulus b : occurring as a result of stress or emotional upset <reactive depression>

Proactive:

1 [¹pro-] : relating to, caused by, or being interference between previous learning and the recall or performance of later learning <proactive inhibition of memory>
2 [²pro- + reactive] : acting in anticipation of future problems, needs, or changes

I've been thinking about this in my workplace lately. I've had the revelation that much of my induced stress is related to the fact that my job is largely reactive. In my workplace we are encouraged to respond to requests for assistance and repairs. We are essentially on a treadmill where every day is another pile of problems, and no matter how much extra time you put in there's still another wave that threatens to sweep you away the next day.

I've had my doctor...nay, two doctors...tell me I need to reduce my stress levels. My blood sugar levels (I'm a diabetic...you knew that, though, after following my bariatric surgery progress, right?) seems to fluctuate, in part, in reaction to stress at work.

There's little in the way of a consistent methodology of measuring progress. You may have read this entry on how important that can be in the workplace.

Essentially the work environment is entirely dependent on putting out fires and there's no sign of those fires stopping. Ever. This makes it a reactive environment where we are always reacting to the next problem.

In a proactive environment we invest in the future. We would spend time trying to make things fireproof instead of putting out the fires after the fact. It could mean more training, making things easier for people to use (or for us to fix after the problems become apparent), and/or generally trying to head off issues before they become issues. It means investing time in intangible things like training the employees (including myself) and things that don't necessarily make quantifiable returns on a balance sheet, but improve morale and quality of life.

I work in a semi-professional position. In truth it is professional, but it is regarded as something less, and while it gives me less respect I suppose I do benefit in that I get taxed less for it (yes, we get taxed for having a job. They call it an occupation tax. I have another less family friendly name for it.) But I bet that just about any job can have steps taken to be more proactive than reactive.

This is just a thought that's been bouncing around my head lately. Maybe it's a personal preference; do you work better in a proactive or reactive environment? Which better describes your work environment? And does it affect how you feel about your job?