Miscellaneous Links

Here are a few miscellaneous interesting links.

Far too many programs have a horrendous user interface; I'd like to see more programs pay more attention to usability. This is a problem for both proprietary and OSS/FS programs. User Interface Design for Programmers by Joel Spolsky is a very good description about user interface design. Improving Usability: Principles and Steps for Better Software by Seth Nickell is interesting too. The Nielsen Norman Group has an extensive list of usability reports, user research, and design guidelines. Interestingly enough, useability guidelines are actually very stable (probably because humans don't change much, even though the technology does); about 90% of usability guidelines from a 1986 Air Force report are still valid; several guidelines (about 20%) are less important because they relate to design elements that are rarely used today, but that still leaves about 70% that are valid and relevant around 20 years later. In the OSS/FS world, The Luxury of Ignorance: An Open-Source Horror Story (Eric S. Raymond) is an example of what can go wrong; here's the follow-up, and here's an interesting article on usability by Havoc Pennington. OpenUsability.org is a site on OSS/FS usability. I'm told that "The Inmates are Running the Asylum" is good too. Here are some specific user interface guidelines:

  1. GNOME's Human Interface Guidelines (HIG) (version 2.0 is here)
  2. KDE User Interface Guidelines
  3. The Apple Human Interface Guidelines
  4. Microsoft Windows Official Guidelines for User Interface Developers and Designers

Cluetrain Manefesto.

Free Web Pages.

OpenPKG (packaging system, extends RPM). Interview with Con Kolivas, a practicing doctor who managed to develop a useful kernel benchmarking system (showing that non-programmers can seriously contribute).

Al Viro's description of recovering a seriously hosed Linux system

Unix Code Migration Guide by Larry Twork et al was developed by Microsoft Corporation, and is intended to help developers move from Unix-like systems to Windows systems. However, Wine developers have found that it's also helpful when converting Windows programs into Unix-like programs.

MacOS X tips for Unix geeks

Slashdot discussion of U.S. government development of GPL vs. BSD software

Sweetcode reports on innovative programs; many are interesting, a few are goofy. For example of the latter, see Evil Finder - it creates (silly) numerological proofs of evil.

There are lots of ways to vote (say, for public office or a group decision) where there must be a single winner. The traditional, most widely used, and simplistic approach is when each person votes once for a single choice, and the choice with the largest count wins. This is called plurality voting. The problem is that if there are more than 2 choices, this can product undesirable results (Duverger's law asserts there can only be two parties with plurality voting). For example, a party split can mean that the choice least liked is the one selected! For many circumstances, more sophisticated voting methods can represent far more accurately the will of a group. It can't be perfect; around 1950, Stanford economist Kenneth J. Arrow proved that a completely ideal election method can't exist. The proof is called Arrow's Theorem, and he won the Bank of Sweden Prize (the "Nobel prize in Economics") for the proof. However, although the Arrow theorem is an important theoretical result, Arrow's definition of an ideal voting mechanism is extremely restrictive; less restrictive criteria that are very desirable can be satisfied. Thus, various voting schemes are far better than simplistic alternatives when there are 3 or more options, even though they can't achieve a theoretical perfection. There's lots of information on various voting mechanisms; Electorama links to voting methods. After reading the literature, I think there are basically two especially useful methods: approval voting and Condorcet-based voting schemes.

There are other systems, but they're really not as good. instant runoff voting is relatively simple to explain, but instant runoff has many of the same flaws as the traditional approach. There's another system called Borda counting, but Borda has significant problems with "tactical voting" -- it can encourage insincere voting -- and in some cases Borda counting can fail to elect a candidate selected by a majority as their favorite. Basically, I don't think Borda is a good choice at all. Basically, you shouldn't use instant runoff or Borda; use approval voting or Condorcet systems instead. This technical evaluation of voting methods is very enlightening. I'm looking forward to seeing more Condorcet-based systems; they're currently rare, but they have a lot of advantages in accurately capturing the will of a people.

News about geeks getting political

The law of copyright is valuable, but it currently lacks balance. Phyllis Schlafly's article "Copyright extremists shouldn't control information" One study of copyright found that the mathematically optimum length of copyright is 14 years. And there's an epidemic of copyfraud - fraudulently claiming copyright (there are even people fraudulently claiming copyright over Shakespere's work!). The Center for the Study of the Public Domain has put out Tales from the Public Domain: BOUND BY LAW? -- a comic book that manages explain copyright, and its issues, in a far clearer manner than many dry textbooks. A Fair(y) Use Tale is a video made entirely out of clips of Disney movies, as a way of exposing the nonsense of some of Disney's claims. The Computer and Communications Industry Association (CCIA), a trade group representing Google, Microsoft, Yahoo, etc., has issued a report on fair use; it found that fair use exceptions add more than $4.5 trillion in revenue to the U.S. economy and add more value to the U.S. economy than copyright industries contribute.

A matter of trust - a very nasty flaw in Microsoft Windows has Microsoft suggesting not to trust Microsoft. Also, it notes that "Microsoft revealed for the first time that desktop Windows makes a profit margin of more than 85 percent. To put this in personal terms, for every dollar you spent licensing the OS last year, Microsoft spent less than 15 cents on all Windows packaging, marketing, and, oh yeah, improving the product."

There are some interesting pages available on cross-platform GUI toolkits, including this list at atai.org This Slashdot comment, One thing that everyone agreed on was that you should look at wxWindows if you're doing it. Mozilla XUL should be examined too.

The Wikipedia is developing an entire open content Encyclopedia (and a related dictionary, too) by intentionally working to form a community to build it. This is a very intriguing project. Critical decisions that have enabled them to form this community are the Wiki approach (where anyone can edit anything), a neutral point of view, and the GNU Free Documentation License (GFDL) which ensures that the resulting text is available for any purpose in perpetuity. The entire encyclopedia database can be downloaded, too. Some interesting Wikipedia statistics are available. There are problems when you start using Wikipedia, though....

A Group Is Its Own Worst Enemy is an excellent piece about how groups are different than individuals, and what software that supports groups needs to consider. The OpenSuSE code of conduct references it.

Interesting paper: Creation Myths: Does innovation require intellectual property rights? By Douglas Clement

IPv4 is running out of address space - here's a map of the used IPv4 space.

Here's a great review of the Konami Combat DigiQ remote controlled tanks - I want a pair!

For an up-to-date high-level view of attacks and vulnerabilities, you might want to look at Qualsys Vulnerability RV10 (Real-Time Top Ten Vulnerabilities). RV10 is a dynamic list of the ten most critical and prevalent security vulnerabilities, updated automatically and continuously from a sample of a few thousand networks. The Internet Storm Center tracks which ports are most attacked, and divides attacks by geographic regions.

A history of Murphy's law.

Some projects appear to be impossible, such as solving "NP-complete" problems for a large number of items ("large n"). In contrast, some projects are possible - but unaffordable. Since the late 1980s, I and some co-workers have had a phrase for unaffordable projects: "GNP-complete" problems. They're solvable, but they require a country's entire Gross National Product to solve. Thankfully, many GNP-complete problems can be reduced or simplified so they become affordable, and there's always hope for a breakthrough.

An excellent way to take over a democracy is take control of its voting system. Stuffing ballot boxes isn't new, but now we have a high-tech way to control every ballot box in a country: electronic voting machines. Stuffing physical ballot boxes requires a lot of dangerous work and is hard to to do undetected; changing an electronic value to a "desirable" value can be done by one person in microseconds. And given some of today's unverifiable electronic voting systems, it's impossible to detect that someone has stolen the elections. I'm very concerned about unverifiable electronic voting systems, especially since the manufacturer's leaders appear quite partisan. On November 9, 2003, Boone County received 144,000 votes cast from a pool less than 19,000 from a MicroVote system. They say they found the new numbers - but why are those trustworthy? Independent analysis of Diebold found numerous problems, and internal memos had a number of scary statements. Scott Granneman's "Electronic Voting Debacle" documents many of the concerns. These unverifiable systems are also called "Direct-Recording Electronic (DRE) systems", because they record vote results directly into an electronic system (with no possibility of independent verification or real trustworthiness). Security Analysis of the Diebold AccuVote-TS Voting Machine by Ariel J. Feldman, J. Alex Halderman, and Edward W. Felten did a fully independent security study of a Diebold AccuVote-TS voting machine, and proved that it is very vulnerable to extremely serious attacks. Computer security expert Harri Hursti revealed serious security vulnerabilities in Diebold's software, ones that Michael Shamos (a computer scientist and voting system examiner in Pennsylvania) described as "the most severe security flaw ever discovered in a voting system." Diebold included a "back door" in its software, allowing anyone to change or modify the software, and there are no technical safeguards in place to ensure that only authorized people can make changes. A malicious individual with access to a voting machine could rig the software without being detected. A report on the Nedap/Groenendaal ES3B voting computer found that anyone given brief access to the machine can gain complete and virtually undetectable control over election results - and how radio emanations from an unmodified ES3B can tell who voted what from several meters away.

HBO's "Hacking Democracy" ( "Hacking Democracy" summary here) is a documentary that helps explain the issue to the non-technical.

There's a solution, and that's verified voting - see the verified voting site. The Verified Voting Foundation advocates the use of voter-verified paper ballots (VVPBs) for all elections (so voters can inspect individual permanent records of their ballots before they are cast and so meaningful recounts may be conducted), insists that electronic voting equipment and software be open to public scrutiny, and that random, surprise recounts be conducted on a regular basis to audit election equipment. I would add three things: (1) there must be separate voting stations and ballot readers, where the ballot reader totals are the only official votes (this prevents a collusion by the voting station), and (2) there should a standard paper ballot format; this makes it possible to have independent recounts using equipment from different manufacturers, as well as making it possible to mix-and-match vendor equipment (lowering costs for everyone); (3) there should a standard electronic formats for defining elections and producing results, again to make it possible to dramatically reduce costs by enabling mixing and matching of equipment. The Open Voting Consortium (OVC) is a non-profit organization dedicated to the development, maintenance, and delivery of open voting systems for use in public elections. OVC is developing a reference version of free voting software to run on very inexpensive PC hardware, which produces voter-verifiable paper ballots. Another relevant system is the Open-Vote Foundation; they maintain an OSS/FS program that's already been used for national elections in Australia (under the name eVACS), and they plan to add a voter verified receipt (a critical need). Another interesting article is Bruce Schneier's "The Problem with Electronic Voting Machines" Building a Better Voting Machine (Wired, Oct 18, 2006) has some great suggestions.

In a Slashdot discussion about electronic voting machines, an anonymous reader observed that, even though Diebold had horrifically bad security, there are financial and political incentives for it. "Unfortunately, you're not Diebold's customer. The elected officials who in turn buy the machines responsible for reelecting themselves are Diebold's customers." (Anonymous Coward, "Re:My Perception Has Changed Again", September 5, 2006, 12:51PM). One reply was "It's kind of like television. You are not the networks' customer. The ad companies are the customer; you are the product that is sold to them. Everything else is just flim-flam designed to keep you in front of the tube." (Grendel Drago, "It's like television.", September 5, 2006, 01:24PM).

There are lots of good search engines available, including Google, Teoma, Alltheweb, and AltaVista. See See the Search Tools Chart provided by the Infopeople project (supported by the U.S. Institute of Museum and Library Services under the provisions of the Library Services and Technology Act, administered in California by the State Librarian). MSN.com is really terrible; MSN appears to bias its results to paid sponsors and Microsoft's products, making it a poor choice for most searches. The Nutch project is interesting but not useful as of November 2003.

Paper prototyping is an interesting way to get user feedback.

A very nice summary of how the law works was posted on Groklaw on February 8, 2004: "The trial tries the facts. The appeal tries the trial. The Supreme Court tries the law."

Agenda detection is an interesting article about meetings.

"Toss Out the Toss-Up: Bias in heads-or-tails" by Erica Klarreich reports that coin-tossing is slightly biased to whatever the coin started at, based on a study by by Persi Diaconis, Susan Holmes (statisticians at Stanford University), and Richard Montgomery of the University of California, Santa Cruz.

There's some evidence that U.S. dollar bills (at least $20s) have RFID tags on them.

If you're creating a program and it needs to install on Microsoft Windows, you need an installer. NullSoft Scriptable Install System and Inno Setup are OSS/FS installers for Windows. Also, Microsoft's Windows Installer XML (WiX) is available on SourceForge (though it may not support as many Windows versions). (There's also the proprietary InstallShield, but it appears to me that most users don't care which installer is used - they just want things installed).

I've often looked for statistics on computer security (what vulnerabilities are common, etc.):

A very interesting and innovative approach to user interfaces is segusoland (GPL). Users pick keywords, files, programs, etc. to quickly narrow down the options to tell the computer what to do. Very different, yet compatible with current technology. Neat.

Interested in Koine Greek? Some interesting information can be found in "Learning Biblical Koine Greek" by Lorin L. Cranford. See also Learning New Testament Greek, part of the Little Greek site.

Make sure you're aware of the dangers of dihydrogen monoxide. Laugh, it's funny.

Unisys had been threatening many people if they used GIF (although as far as I can tell, their patents only applied to writing, not reading, the compressed format often used in GIF). According to http://www.gnu.org/philosophy/gif.html, who searched the patent databases of the USA, Canada, Japan, and the European Union, here are the relevant dates. The Unisys patent expired on 20 June 2003 in the USA, but it does not expire in most of Europe until 18 June 2004, in Japan until 20 June 2004 and in Canada until 7 July 2004. The U.S. IBM patent expired 11 August 2006. The fact that two companies (IBM and Unisys) have been allowed to have two separate patents on the same algorithm clearly demonstrates how poorly patents are examined - the patent office couldn't even be bothered to search their own patent database for previously-granted patents. The IBM patent should have been tossed out immediately, since a previous patent already covered it.

The patent system desparately needs an overhaul, and the best start would be to eliminate software patents and business method patents; the problems this governmental interference is causing far exceeds its supposed benefits. The Problem of Software Patents in Standards by Bruce Perens describes many of the serious problems patents cause in standards, and standards are absolutely critical to working IT infrastructures. "What's wrong with software patents?" by Pieter Hintjens does a nice job explaining why software patents are economically a bad idea. Ed Burnette's essay on software patents notes that software patents are one of the worst things to happen to the software industry. Burnette concludes that "The only solution is to ban software patents altogether, worldwide. Copyright law provides plenty of protection for software, just as it does for paintings, poetry, and books." The patent office doesn't do a credible job evaluating for novelty and prior art, but even if they did, the problems caused by software patents far exceed the (supposed) benefits of the system. "A Patent Lie" by Timothy B. Lee, published in the New York Times on June 9, 2007, briefly explains why software patents should be prohibited. Software is already protected by copyright law, which is a system much more appropriate to software. The NY Times article "A Patent Is Worth Having, Right? Well, Maybe Not" By MICHAEL FITZGERALD (July 15, 2007) summarizes research by James Bessen and Michael J. Meurer, who after analyzing a massive amount of data found that patents don't work except in biotech... and that they especially don't work in the information technology industry. The book "Patent Failure: How Judges, Bureaucrats, and Lawyers Put Innovators at Risk" by James Bessen and Michael J. Meurer (Princeton University Press, March 2008) has more. There's no need to have both copyright and patent law control software, especially since there's lots of evidence that patents are impeding instead of aiding software innovation.

"Against Intellectual Monopoly" by Michele Boldrin and David K. Levine goes futher, makes a strong case for abolishing patents and copyrights entirely (their against monopoly blog is interesting). They have lots of useful evidence about the failures of software patents.

The article Patent examiners battle stress: USPTO struggles with hiring, retention issues amid morale problems by Florence Olsen (FCW.com, Jul. 25, 2005) notes that there's an exodus of patent examiners; reasons cited include having adequate time to review patents and no training to perform the task, coupled with a crushing burden of patent applications that are increasing in both size and number. The article based much of its information on a GAO study reporting these many problems, and it also quoted Jason Schultz, a staff attorney at the Electronic Frontier Foundation, who says that under the current rules, "where anything under the sun is patentable, it puts an unbelievable amount of pressure on the patent office." Here's a brief discussion about patents and wireless email; what a broken system!

End Software Patents is an organization that is trying to eliminate the nonsense of software patents.

Groklaw reported that Microsoft's Bill Gates threatened Denmark's Prime Minister Anders Fogh Rasmussen, Economic and Business Minister Bendt Bendtsen, and Science Minister Helge Sander in November 2004, saying that he would move Navision and its 800 developers (Denmark's biggest software success) to the US unless they passed software patent legislation. The Inquirer reported this. Danish Social Democrats responded; here is the FFII response on the Gates / Navision story. Microsoft has since claimed that this isn't so, but it's hard to confirm or deny this; it is clear that some other large companies have made similar threats, so it's not an impossible idea.

The article Reports from the USPTO Meeting - Updated had interesting quotes from the U.S. patent office, as well as interesting commentary about them. For example, Mr. Tariq Hafiz, a patent examiner, explained an examiner's day-to-day life, and an attendee noted that, "One aspect of the life of a patent examiner that came into sharp relief through all of this was the extreme premium placed on time. The USPTO has a huge backlog of pending applications and limited resources, so the amount of time an examiner spends on each application is carefully tracked, and measures (described by one participant as possibly .punitive.) taken against those examiners who don't live up to the norm." One commentor candidately summarized the situation this way: "The clear implication of the statement above is that John Doll is grossly wrong when he states that patent quality is the number one focus of the USPTO: the number one and only focus of the USPTO is the amount of time that each patent examiner spends on a patent. What the USPTO says and what it does are two different things: in everyday English, it's called lying. The USPTO is nothing but a corrupt rubber stamp operation...."

Fortune's "The Law of Unintended Consequences" (Sep. 19, 2005) notes that patents in the medical field are making a few rich, but inhibiting innovation in the process: "The problem is, once it became clear that individuals could own little parcels of biology or chemistry, the common domain of scientific exchange--that dynamic place where theories are introduced, then challenged, and ultimately improved--begins to shrink. What's more, as the number of claims grows, so do the overlapping claims and legal challenges. This isn't merely a hypothetical situation, a 'worst-case scenario' painted by academic hand-wringers. It has already happened, as two professors at the University of Michigan Law School, Michael Heller and Rebecca Eisenberg, observed in a seminal 1998 article in Science magazine... Heller and Eisenberg dubbed this new dismal state of affairs the 'Tragedy of the Anticommons.' And that's what it is--a tragedy that's still in the making." They then note, "it's clear who pays for it. You do. You pay in the form of vastly higher drug prices and health-care insurance. Americans spent $179 billion on prescription drugs in 2003. That's up from ... wait for it ... $12 billion in 1980."

Software patents need to be scrapped; they do far more harm than good to the software industry. But it may be a very long time before they go away - patent lawyers in particular make a pile of money from them, and they make the rules. In the meantime, some people are working within the (broken) legal framework to reduce the unnecessary and serious damage that software patents cause.

Microsoft is making lots of patent threats... yet won't actually say what the patents are, and seems to be conceding that it won't actually sue anyone (what's a threat when you admit you won't actually do anything?). Microsoft is playing with fire here; organizations like the The Open Invention Network aids open source software against software patent attacks. Their mission is to "further software innovation by acquiring patents to be used for cross-licensing purposes to defend the Linux environment - making them available on a royalty-free basis [to those programs]." In short, if Microsoft strikes, they risk a massive patent counterattack, in which their key products (Windows and Office) will suddenly have a wave of patent lawsuits. Lots of individual companies (esp. IBM) have relevant patents too. The Patent Commons documents commitments by various patent-holders to not sue under certain conditions (typically not attacking open source software), which makes it easy for FLOSS developers but dangerous for others. In the U.S., a 2007 Supreme Court ruling that patents cannot be granted to obvious ideas implies that many more software patents are invalid anyway. The "Sue Me First, Microsoft" campaign has a massive number of enrollees. FSF legal counsel Eben Moglen also believes that the Microsoft/Novell deal, combined with a failure to have expiration dates on their vouchers, will mean that FLOSS developers will gain the legal rights to Microsoft's patents anyway (here's part 2 of Moglen's explanation). Also, Eben Moglen explains very clearly the "Be Very Afraid" tour, and why it doesn't work. (There are many other comments about Microsoft's threats as well.) Andy Updegrove has interesting comments on patents. In short, open source developers appear willing to fight Microsoft's fire with fire - and with that sort of threatened pyrotecnic, it's unlikely Microsoft will persue this seriously.

This Laura Creighton interview has an interesting quote: "The tools you rely on to run your business -- being able to fix them when they break -- good idea." (Suggesting that Open Source software is critical for the security of one's company.)

Jim Stogdill's blog is interesting for its discussion about Free-Libre / open source software and government.

For a sobering perpective, look at Earth impact effects (described in Universe Today), which calculates what will happen for a given asteroid impact.

If you're looking for security tools, Local Area Security (LAS) is a bootable Linux CD with a pile of security tools pre-installed. No need to touch the hard drive at all -- just boot and run off the CD. And it even includes flawfinder! Another bootable Linux distribution with security tools is Knoppix STD. LAS fits on a mini-CD; Knoppix STD has more stuff but requires a regular CD. Even if you don't want that sort of tool, they're interesting because they provide an easy way to find a list of OSS/FS security tools.

Securitydocs.com maintains a list of papers on security, grouped by category.

Open standards are critical, but years ago NIST decided that they wouldn't support standards testing any more, and customers typically can't afford to do it themselves. As a result, standards languish untested, and vendor products are often gross in their failure to interoperate. Interesting essays on this (specific to SQL) are available by Peter Gulutzan and Michael M. Gorman.

Thankfully, there are some test tools for standards. In particular, there's just no excuse for invalid HTML or CSS, since there are tools that check them that don't even require installing anything. In particular, sticking with valid HTML is essentially required for accessibility; many in the world have handicaps, and it's unfair to prevent their access by failing to follow standards. I use the W3C validation service, in particular to validate the HTML of my paper Why OSS/FS?, though other services like Bobby exist. The W3C also has a nice link checker and CSS validator.

What's the Matter With Standards in China? notes that "When the question of standards is raised in China, officials and companies are quick to focus on one issue: intellectualy property rights... China's drive to develop its own technology standards (open and closed) is directly linked to its intent to avoid IPR owned by foreign companies... China does not want its innovation, its industrial development beholden to others. And does not want to spend the next 20 years watching royalties and license fees flow overseas. Even pledges not to sue are unacceptable... Hence, its move to open standards, and in particular standards without any IPR... at least one official... maintained that a standard is not "open" if it has any IPR in its specification."

MIT studied the development processes around the world.

Christians are sometimes blamed for destroying much of the literature of the ancient world. However, indiscriminate destruction of ancient literature by institutional Christianity never occurred (and indeed, many worked hard to retain ancient literature). In particular, though Carl Sagan and Gibbon want to blame Christians for the destruction of the ancient Alexandria library, this is a myth; available evidence points to Julius Caesar as the destroyer of the Great Library of Alexandria.

If computing disappeared tomorrow, I'd probably get involved in biogenetics or law, two fields that in many ways similar to software development. Several folks have noticed how similar law is to software development, and frankly I find that a little fascinating. James Grimmelmann has a very good series of articles, "Law School in a Nutshell"; see Part I, Part II, and Part III; this suite uses "Eldred v. Ashcroft" as a way to explain some legal writing. Groklaw.net is always interesting, and Groklaw's legal links has references to more about the law. An interesting summary of what copyright does not cover in software, as determined in various court cases, is given in "Selected Copyright Principles" (appendix A of IBM's "Sur-Reply Memorandum in Further Opposition to SCO's Objections to the Magistrate Judge's Order on IBM's Motion to Confine and SCO's Motion to Amend its December 2005 Submission.") For more on copyright, see the Copyright Navigator: A Digital Annotated Concept Map of the Fundamentals of U.S. Copyright Law by Lionel S. Sobel

It makes no sense when people volunteer their work to others, but those others get exclusive rights to exploit the work. Standards have had this problem for some time - ISO shamelessly exploits the volunteers who write the standards, then turns around and charges exorbitant fees for the stuff it didn't write. ISO actually manages to discourage the use of standards with its foolish policies, which is why the IETF, W3C, and other organizations which freely distribute standards have become increasingly relevant (and ISO increasingly less relevant). The same issue is happening in science. Open Access approaches allow a scientist to publish in a way that's viewable to all, instead of enriching a single company who doesn't even pay the authors. Nature has an articles about open access available as open access.

The Pig and the Box is an interesting anti-DRM tale for children (!).

Here are some interesting articles on Digital Restrictions Management (DRM), misleadingly called Digital Rights Management (you give up your legal rights when you buy DRM'ed products). The EFF's Cory Doctorow has a very good critique of DRM (the PDF version of Cory Doctorow's critique of DRM is very nicely formatted). Another interesting DRM critique is "DRM is a complete lie" by Charlie Demerjian (23 January 2006, The Inquirer). Simon Phipps' article "DRM and the Death of Culture" is also interesting. "Why DRM won't ever work" by Jeremy Allison is a short, accessible article. A Cost Analysis of Windows Vista Content Protection shows the rediculous costs and impositions created by attempting to make DRM work, There Ain't No Such Thing as a Free Lunch (Eric Flint's description on why DRM makes things worse) is an interesting non-technical discussion, and Translation From PR-Speak to English of Selected Portions of Macrovision CEO Fred Amoroso’s Response to Steve Jobs’s ‘Thoughts on Music’ is a fun explanation of what Macrovision really said. The history of the HD-DVD processing code is a great example; attempts to hide the keys for DRM quickly collapsed, and attempts to censor it failed as well. After all, there are many legitimate reasons to have the key (all users need the key so they can play the movies on most equipment, or to legally back up the fragile HD DVDs; Linux users need the key simply to play the HD DVDs that they legally bought).

DRM hit a milestone on January 9, 2007, when the last publisher to produce DRM'ed audio CDs (EMI) stopped doing so. This means that no more DRM audio CD's will be released. For years, manufacturers tried to impose DRM on customers, but with little success. DVDs are already going the same direction - they had built-in DRM, with codes that were supposed to prevent people from seeing DVDs bought in other countries... but now DVD copies are available everywhere, and DVD players that ignore the codes are commonplace. Companies are finally starting to sell DRM-free downloadable files -- so that customers will finally be able to legally buy music with all the rights they are entitled to under the law. By one source, 75% of music problems are because of DRM. Note that Emusic trumpets as one of their advantages that they sell DRM-free music. Customers want products that serve them and their needs. When EMI released what the customers actually wanted - DRM-free music - their sales jumped up.

It's time for vendors to listen to their customers. "How I became I music pirate is one customer's story explaining why DRM is a failure - DRM simply prevents legal uses, ones that customers need, and forces customers to pirate their music. All because the industry refuses to sell what customers actually want.

The Insanity Defense is an interesting page. It notes that "According to a 1991 eight-state study funded by the National Institute of Mental Health, the insanity defense was used in less than one percent of the cases in a representative sampling of cases before those states' county courts. The study showed that only 26 percent of those insanity pleas were argued successfully. Most studies show that in approximately 80 percent of the cases where a defendant is acquitted on a "not guilty by reason of insanity" finding, it is because the prosecution and defense have agreed on the appropriateness of the plea before trial. That agreement occurred because both the defense and prosecution agreed that the defendant was mentally ill and met the jurisdiction's test for insanity. Clearly, the implication is that the insanity defense is rarely used successfully by malingerers. Other studies over the past two decades report similar findings. According to Myths and Realities: A Report of the National Commission on the Insanity Defense, in 1982 only 52 of 32,000 adult defendants represented by the Public Defender's office in New Jersey--less than two tenths of one percent--entered the insanity plea, and only 15 were successful. A similar number of insanity defense pleadings--"far less than one percent"--were entered in Virginia during the same period. A 2001 study in Manhattan (Kirschner and Galperin) noted that over a ten year period, psychiatric defenses were offered by only 16 out of every 10,000 indicted defendants. More than 75% of the time that a psychiatric defense was successful, it was the result of the prosecutors' consent. Out of nearly 100,000 felony indictments during that period, only 17 juries heard arguments concerning the insanity defense and their deliberations resulted in only 4 insanity acquittals. These authors concluded, "if the prosecutor does not accept the defense, the judge or the jury is not very likely to accept it either."

There's a lot of stuff related to the old Apple ][ line. KEGS is an amazingly good emulator of an Apple //gs, and there are many other emulators. Good sources of info include A2-Web A2Central. Free (no-cost) software for the Apple // and Apple //gs lines is available (the list is long). Heck, there's even an Eamon Adventurer's Guild. Unfortunately, for the emulators to run real Apple ][ programs, you need the Apple [] ROMs and operating systems. At least some operating systems may not be as hard; Diversi-DOS is now freely available as a better replacement for DOS 3.3, and an old ProDOS can be downloaded from Apple. ROMs are easy if have an old Apple (millions do), but others have a harder time. Franklin Computer once sold Apple clones with ROMs, but it turns out that Franklin directly copied the ROM code from Apple (which was, not suprisingly, found to be illegal). Perhaps someday someone will create an OSS project to recreate a functional equivalent of the Apple ][ ROMs; even just the ROMs to boot a disk and a computer would be enough for many binary programs. Note: Applesoft BASIC was copyrighted by Microsoft.

Forth is an interesting old language, though not practical for most of today's applications. Implementations could be interactive, take very little memory (a few K for good ones), could be fully understood, and be reasonably fast. But the trade-offs are that programmers have to manage their own stack (instead of letting the computer track it for them), and no typesafety; this is a trade-off that's hard to justify in most real applications today. Still, it's fun to learn, and definitely expands the mind. "Forth: An underview" by Peter Knaggs has a nice summary of it (the books "Starting Forth" and "Thinking Forth" are good too). There are many OO expansions available for Forth; an amazingly short and complete OO extension that works using just standard ANS Forth is called Hype; you can learn more at C2 or netsurf.

Users of Unix-like systems usually need to type in their passwords to log in, and most systems use PAM. It'd be nice to protect data if it's on a laptop that could get stolen, or a system that could be broken into while the user isn't logged in. A nice solution would be to create a PAM module that used the password entered as a key for confidential data (e.g., to decrypt a password or other keyring, or to access an encrypted filesystem). If the decrypted information and derived key were removed on log out, someone who later stole the laptop would have to break the decryption. This might be useful to add to the GNOME Keyring Manager for example.

It's hard keeping track of all the technology news sites. Some show a set (merging using RSS or other techniques), such as Freshnews Daily Rotation.

SCO has made a lot of claims without evidence, but one good thing has come of it: Groklaw. Groklaw has demonstrated the extraordinary power of a place where people knowledgeable in a wide range of areas like information technology, law, and journalism can come together to counter nonsense. Groklaw finds interesting things posted by others, such as Neil Wehneman's Logical Critique of Rob Enderle's "Free Software and the Idiots Who Buy It".

SCO's claims have fallen flat. Earlier on Darl claimed that MIT "deep divers" had found lots of examples where Linux had copyrighted code illegally copied from elsewhere - but when asked to provide evidence to the court, he didn't. Instead, we now have found out that SCO funded a 4-6 month investigation, and their investigation exonerated Linux and other open source software components. On July 14, 2005, an email was unsealed that had been sent from Michael Davidson to Reg Broughton (both Caldera employees) in 2002, summarizing a 4-6 month investigation by Bob Swartz. In it, Davidson reported how the company had hired an outside consultant because "of SCO's executive management refusing to believe that it was possible for Linux and much of the GNU software to have come into existance [sic] without *someone* *somewhere* having copied pieces of proprietary UNIX source code to which SCO owned the copyright. The hope was that we would find a "smoking gun" somwhere [sic] in code that was being used by Red Hat and/or the other Linux companies that would give us some leverage. (There was, at one stage, the idea that we would sell licences to corporate customers who were using Linux as a kind of "insurance policy" in case it turned out that they were using code which infringed on our copyright)." The consultant was to review the Linux code and compare it to Unix source code, to find possible copyright infringement. Davidson himself said that he had not expected to find anything significant based on his own knowledge of the code and had voiced his opinion that it was "a waste of time". After 4 to 6 months of consultant's work, Davidson says, "we had found absolutely *nothing*. ie no evidence of any copyright infringement whatsoever." They had found some places where they were identical, but in all cases that was because they had legally come from a common source (such as X Windows).

The count of the electoral votes for U.S. president is tracked at the Electoral Vote Predictor (run by Andrew Tanenbaum); another one is the election projection.

It would be great to have cheap energy, especially for transportation, so that the U.S. (and other countries) would be energy-independent. Independence Way (by Sam Jaffe) has a very interesting article on cellulosic ethanol and ethanol reconstituters, two very promising technologies. I'd love to see real research dollars spent specifically on promising technologies, to get real solutions (soon!) to the current world dependence on oil.

Looking for great screenshots (for backgrounds, etc.) that also encourage interest in space? A fun site is the Astronomy Picture of the Day; you can go there to see their archives. Examples include Earth at Night (August 22, 2004), Looking Out Over Mars, In the Center of NGC 6559, Northern Lights Moon Between the Stones (of Stonehenge). It's hard to point out highlights because there are so many interesting pictures.

If you're interested in trying out GNU/Linux, it's best to start with one of the better-known distributions, such as Red Hat's, Novell/SuSE's, Mandriva (formerly MandrakeSoft), Ubuntu, and/or Debian. I use Red Hat Fedora Core myself, which works well. But here are a few pointers:

  1. If you choose to install Red Hat Fedora, you might find that you want to install extras, proprietary add-ons, or change its configuration. Fedora Guide has useful info. Older sources include The Unofficial Fedora FAQ, mjm's "Fedora..." articles, Fedora Multimedia Installation HOWTO and the Linux magazine article "Keeping Fedora Ship-Shape". This article about yum is nifty; yum is Fedora's package manager, so improvements in yum help system updates.
  2. You can upgrade Fedora systems in various ways. As of Fedora 9, the new easy way is a network upgrade using preupgrade, as discussed in this interview. You can invoke this through your updater. Before using preupgrade, you should update all packages to the latest version. Here's the old way, which is now obsolete: You can do a network upgrade by creating a "Rescue disk" (which is small), boot it, and update it that way (this way you don't need to create big CDs with all the packages). Here's one of the places to get a rescue disk. You need to tell it where to get the packages, and how; Fedora maintains a list of mirrors. (Here's some more info). E.G., you might say "use HTTP", then "mirrors.kernel.org" for the site, and then /fedora/releases/7/Fedora/i386/os for the name of download point. Those with dynamic IP addresses can just use them. I have statically-assigned IP addresses, so I had to specify them. No big deal if you have a static IP address, but be sure to know your IP address, gateway address, and DNS address; you'll need to give your address in form A.B.C.D/X, where X is the number of bits that are in the network address; 24 is a common value for X. From then on, you can use "yum update -y" as needed to get the latest updates.
  3. Similarly, if you choose Ubuntu, you should grab the Unofficial Ubuntu Starter Guide, which has lots of great information.
  4. GNOME uses a new "spatial mode" which some people hate; if you want to use the browser mode as default, run gconf-editor (you can run it from the GUI by selecting Main Menu/ System Tools/ Configuration Editor) and turn on the /apps/nautilus/preferences/always_use_browser checkbox. You can do this from the command line in one step by typing this command as one line into a terminal: 
    gconftool-2 --type bool --set
  /apps/nautilus/preferences/always_use_browser true
  5. If you plan to install a dual-boot system with Linux and Windows XP on the same system, and install a 2004-era Linux distribution, there's really important information you need about a bug you may encounter. Some mid-2004 Linux releases based on Linux 2.6 (including Fedora Core Core 2 (bug 115980), SUSE 9.1, and Mandrake 10) have a bug that in rare cases causes Windows XP to not boot after a Linux installation. If this happens to you, don't panic; instead, read this article on dual booting that describes a workaround, and how to fix this if it happens (the bottom line is a single command, "sfdisk -d /dev/hda | sfdisk --no-reread -H255 /dev/hda", change hda to whatever your boot drive is in the rare case where it's different). For the few for whom that doesn't work, change the BIOS setting for the drive from CHS or AUTO into LBA (and if that doesn't work, HUGE) (this is per reports from Fedora; don't switch from HUGE to LBA though). The GRUB W2K HOWTO have more technical information. This is a nasty problem, but it's easily fixed, so don't panic. I expect the next releases will fix this problem so you don't have to do this, but it's worth noting for the mid-2004 users. More info on dual booting is available. Or just erase MS Windows; that works too :-).

Red Hat's "Despite Everything, Truth Happens" video is an interesting video pressing GNU/Linux; it starts slow, but it's worth watching through. Here's Red Hat's site for its "Despite Everything, Truth Happens" video. Some of Novell's marketing videos are amusing too.

The phrase "Behold! For now I wear [the] human pants" and variants seems to have caught the web by storm by September 15, 2004. As far as I can tell, this phrase comes from the comic strip The Other Side dated 2004-08-11 (warning: language). (It makes fun of those with delusions of grandeur about something that is actually trivial.) This is an amusing example of a meme spreading. Of course, this is nowhere near as widespread as the silly phrase "All your base are belong to us" which has its own website and and encyclopedia entry. Studying the spread of silly memes might actually help us understand the spread of important memes.

See the Unofficial 802.11 Security Web Page for useful information on wireless security, especially 802.11. NIST's Wireless LAN workshop gives some useful historical information. Jean Tourrilhes has lots of useful information about Linux drivers and hardware for wireless cards (802.11 series, including 802.11b and 802.11g)

The Linux kernel developers have a controversial policy: All kernel drivers are part of the kernel, and the interface between drivers and the rest of the kernel can be changed at any time (see the stable API nonsense document for more information). Well, it's actually not controversial to the Linux kernel developers; it's controversial to proprietary driver developers and the microkernel community. The Linux kernel developers don't want to be stuck with an unchangeable interface; it often needs to be changed. The main reason to do otherwise would be to support proprietary drivers, but proprietary drivers can't be fixed by the kernel developers, so for reliability's sake it's better to inhibit their use. Those who do the work should have the right to decide their rules, but there's some evidence that this is actually sensible. First of all, there's the evidence that a vast number of Windows crashes are actually because of buggy drivers; Linux reliability numbers are far greater, suggesting that their approach is producing less buggy drivers. (Microsoft has developed many tools that try to compensate.) But here's another source suggesting this isn't insane... X Windows. Keith Packard's comments about X Windows noted that the "policy of splitting the X drivers from the core server has not worked as well as they would have liked. It adds a whole set of API compatibility issues between the two, making it hard to develop and release improved versions of the server. Keith now thinks that the Linux kernel developers got it right by keeping drivers inside the kernel." Now I do think that the microkernel folks do have a point - there's no need for drivers to have unregulated control over everything. But that doesn't require fixed interfaces; a simple language that specified "what access rights are needed", that was enforced when running a driver, would suffice.

There are all sorts of interesting articles on lessons learned from developing OSS/FS programs. Linus Torvalds has posted his recommended Linux kernel management style. In 2004 Alan Cox described how to develop better software.

Under the "life is strange" category, there's a silly cartoon about Richard Stallman weilding a katana... and soon afterwards, people actually bought Stallman a katana to go with the joke.

In October 2004, Michal Zalewski posted a pair of postings to Bugtraq about web browsers: Web browsers - a mini-farce and Update: Web browsers - a mini-farce (MSIE gives in). He wrote a program (mangleme) to generate random output, and found that web browsers crashed quickly when given this random data. Internet Explorer (IE) lasted a little longer, but not really very long, and his test seems to have been unusually gentle to IE (it intentionally avoided CSS, which happens to be one of the main problems in IE). Thankfully, it appears that the Mozilla folks worked quickly to fix the problem. Mozilla bug report 264944 shows that the Mozilla developers quickly found and fixed the problems, and one person said: "I used the last three days and now tested several thousand garbled pages. Since the fix of bug 265404 the tool didn't find any new crashers. I guess Michal has to come up with a new version. :-)" Hopefully the IE developers will quickly fix their problems too!

The Gadget Gap: Why does all the cool stuff come out in Asia first? by Jeff Yang (special to San Francisco Gate, Thursday, December 9, 2004) should worry the U.S. -- the increasing gap between the innovations only available in Japan, none of which are made or even available in the U.S., is concerning.

I did a little searching on how to filter out porn images and other nasties, if you don't want them. I found a OSS/FS implementation of an algorithm to detect porn images, based on a larger project to detect 'bad' things called POESIA. You can see an academic paper on POESIA as a whole Also, SourceForge has POESIA software; see the "ImageFilter" and "Java" subdirectories for code, and "Documentation" for - well, you can guess. POESIA can also detect certain symbols, like swaztikas, if you want it to. There may be other such tools; this is just one I found. On a related topic, you might find the article A parent's guide to Linux Web filtering by Joe Bolin (July 1, 2004) interesting as well.

The Programming Language Popularity: The TCP Index for December, 2004 is an interesting survey of Programming language popularity; it's teh TIOBE Programming Community Index. There are lots of others, if you like that sort of thing.

A wonderful page for computer people is Abbott & Costello Routine (for computer-buying).

The English index for the Wiktionary gives a nice quick way to access the Wiktionary for definitions.

Bill Boswell's Linux-Windows Single Sign-On describes how to configure Linux-based operating systems so they'll use Windows' proprietary Active Directory service (so you can centrally manage accounts to do single sign-on).

"The Lord of the Rings Symphony" Choral Text Translation

Lessig, Creative Commons, and My Life Changed is an interesting tale about experience with the Creative Commons license. Joe Gratz does a good job explaining the Creative Commons licenses.

Optimization is sometimes necessary, but too many people forget to measure before optimizing. A far better example is the experience of people who use bootchart -- a tool to help visualize what happens when a Linux/Unix system boots. Various distribution implementors have used this tool to speed up booting, and its output is also interesting for showing what happens when a Linux/Unix system starts up.

Let's use the term "hirabah", not "jihad", for the terrorist acts being done in the name of Islam, and call a spade a spade. In "All Things Considered", January 7, 2005, commentator Anisa Mehdi says that "Jihad" means "spiritual struggle," not terrorist attack. Instead, she suggests using the word Arabic "hirabah" ("war against society") instead. Indeed, six Islamic scholars in the Middle East and North America on September 27, 2001, issued an Islamic legal opinion (fatwa) stating that "the terrorist acts [of September 11, 2001] ...considered by Islamic law...[constitute] the crime of 'hirabah' (waging war against society)."

"Trusted Computing" Frequently Asked Questions (FAQ) by Ross Anderson has lots of very interesting information on trusted computing (or as the FSF calls it, treacherous computing). This is a controversial approach to transfer control of your computer from owners to vendors.

The Open Graphics Project is an interesting project to create a video card especially for OSS/FS systems. This interview with Timothy Miller has more information. You can also see the project Open Graphics Project mailing list. More information can be found on the mailing list front page and the bottom of the interview. More recently, it's been spun off to be its own independent project.

The Free Lunch Is Over: A Fundamental Turn Toward Concurrency in Software is an interesting (and I think fundamentally correct) analysis of a major trend in computing: software will have to increasingly be designed to be concurrent, because that will be the only way to best use the power of the next generation's computers. The Open Clip Art Library has lots of public domain clip art in PNG and SVG format.

Here is the programming documentation for the GNOME Developer Platform Libraries; including glib.

Infinite Matrix is an interesting collection of science fiction short stories available on the web, and is periodically updated.

There are various info sources for getting a laptop to run Linux. If you don't want to do the fiddling yourself, several organizations will sell you a laptop with Linux pre-installed, such as Emperor Linux, Xtops, and Linux certified. Wal-mart sells such things too. Tuxmobil is a good place for general news, information, tips, and so on, including the Linux Mobile Guide and general info about laptop manufacturers and Linux. The website Linux on laptops links to lots of information and tips on getting Linux systems to run well on various specific laptops (useful if there's some trick to installation, or a caveat on something that doesn't work well); before you buy a laptop, look there for information about that particular model. One blogger lists a few places for information. And here's a list of resellers.

An extremely important development is the OpenDocument standard, which is now an approved OASIS committee draft. Wouldn't it be wonderful if you could actually access the office documents that you've created, without its formats being controlled by any single vendor, so that you could pick the best product for your needs? The Future Is Open: What OpenDocument Is And Why You Should Care by Daniel Carrera (January 30, 2005) is a good Groklaw article that explains why OpenDocument is important. Here's a little information on what's been going on behind the scenes. And here's a list of word processing products supporting OpenDocument: StarOffice and OpenOffice.org, KOffice, Software GmbH's TextMaker (who asked "is anyone using Microsoft Office XML for anything?"), AbiWord, and IBM's Workplace Client Technology. OpenOffice.org and StarOffice include import/export filters for Microsoft's .doc and Corel's Word Perfect formats, so they can be used to transition between them. Ross Gardler (of the Apache Forrest project) has other notes about the OpenDocument project, including that it's a terrible format - he notes that the Apache Forrest project has plugins for using OpenOffice documents as input to the Forrest processing pipelines, He also reports that OpenDocument's main competitor, Microsoft's "Office XML", it a terrible format: "the Burrokeet project [found that it's] easier to use OOo as a headless server that can convert MS Office to OOo format and then work with the OOo XML files...". In contrast, Ferdinand Soethe said, "I'm impressed how easy it is to work with oo-xml". Although they started to work with MS XML, it appears they plan to deprecate that work, and switch entirely to using just OpenDocument. Simon St. Laurent says Office XML is an alpha release; "the structure of what you get is amazingly twisted, and it's painfully obvious that WordprocessingML (formerly the catchier WordML) is a serialization of internal structures in Word, not an XML vocabulary designed by people who actually care about working with XML." Gardler agreed wholeheartedly. Groklaw's "The Great Massachusetts Legal Donnybrook" (subject line "Evaluating Massachusetts' Open Formats Proposal") reports on government should not standardize on Microsoft's XML format. And Gary Edwards has explained that OpenDocument is able to handle everything in Microsoft Office's binary formats; the problem is that OpenDocument is so capable that Microsoft Office can't handle everything in OpenDocument. Four legs good, two legs bad! has an interesting way of putting it.

Here's how to get some information about how OpenOffice.org's spreadsheet and Excel store their data. OpenOffice.org has specifications for how Excel stores its data. In addition, OASIS' committee on OpenDocument has lots of good info on the OpenDocument format. Note that Ximian has a nice LXR setup that lets you easily surf the OpenOffice.org spreadsheet source code. Of particular interest is OO.o's compiler.cxx.

OpenOffice.org is already much better than Microsoft Word for large academic works, for at least two reasons. First, it has a working master document capability. Second, it has much better support for complicated bibliographies and references (it uses a database for the references, so you can auto-generate the bibliography with the right format). This work has been the result of the the Bibliographic Project, which is working on still further improvements.

The ISO process that accepted the Microsoft XML (aka OOXML or EMCA 376) was a nasty sham. ISO seems to think it now has some control over the specification in order to fix the massive number of errors in Microsoft XML aka OOXML aka Ecma-376 aka ISO/IEC 29500. Nonsense; Tim Bray exposes that idea as an ISO fantasy.

For more technical information on file formats, Wotsit's Format has a collection of technical information.

Phishing browser defences is a nice overview of that topic. I still think letter coloring is helpful for the LARGE number of people who NEVER use non-Latin DNS names, but it's a good summary of the alternatives.

If you own an Internet domain, DNS Report does a nice job of some automated checks for common DNS problems.

Here are OSDL Enterprise Linux Summit papers (I haven't had a chance to see them yet).

Here is an interesting URL: how to become a Sony Playstation 2 developer.

unionfs is a nifty Linux filesystem. It's a stackable unification file system, which can appear to merge the contents of several directories (branches), while keeping their physical content separate. Unionfs is useful for unified source tree management, merged contents of split CD-ROM, merged separate software package directories, data grids, and more. Unionfs allows any mix of read-only and read-write branches, as well as insertion and deletion of branches anywhere in the fan-out. To maintain unix semantics, Unionfs handles elimination of duplicates, partial-error conditions, and more." Knoppix 3.8 uses Unionfs. Besides papers on their website, there's a Linux Journal article about unionfs.

High-Pressure Steam Engines and Computer Software by Nancy G. Leveson compares the state of computer software with steam engines long ago.

People will write about anything; here's an essay on how to destroy the Earth, which thankfully is hard to do. A related essay describes how to move it.

The Free Standards Group has been quietly working on making sure that people can create a single binary and have it run on all Linux distributions, through the Linux Standard Base standard. On March 21, 2005, they announced even more support for the Linux Standard Base (LSB) standard.

de.lirio.us is an OSS/FS version of de.licio.us, but it's OSS/FS (they share both the data people give them, as well as the implementation software itself). Here's a description of how it works:

What do you do with it? Post website addresses you find interesting, tag then with keywords like "spain", "dog", "ipod", "posters", etc as appropriate. You can also includes a brief description, and longer detailed notes (these can also be blog posts.. more later).
How to get started? Register, login, go here drag those links to your browser's bookmark bar, find a site you want to bookmark, or show others, hit those links you just dragged & it will give you a form. Fill it out, hit save & off you go.

The latest idea for e-Passports is to have them transmit (in the clear!) all their incredibly private data, and then pretend that a few strands of fiber will prevent the problem. Of, say, getting killed or kidnapped. I commented about the grave risks of RFID e-passports earlier, saying that this Department of State plan is going to kill people. There's now a site dedicated to revealing these issues: RFIDkills.com. Wired noted these concerns, as has Slashdot.

How to deconstruct almost anything is a wonderful expose about deconstructionism and postmodernism. Alan Sokal's articles on the "Social Text" affair is enlightening; while I doubt I'd agree with some of his politics, I completely agree with him that there are truths (and non-truths) that are not merely "social constructs"; this rejection of the existence of (and search for) truth is a repugnant, debilitating blindness that causes much misery.

Linux-Tiny is a project (a series of patches) against the mainline Linux kernel to reduce its memory and disk footprint, as well as to add features to aid working on small systems. In some sense, it appears to be a staging ground for ideas for small systems.

Understanding memory usage on Linux explains the often-misunderstood issues of memory usage. The "ps" command is often misunderstood; much of the memory "used" by a process is actually in shared libraries that are shared among multiple processes.

Here's an article about setting up a tax-exempt non-profit.

If you want to follow kernel development in great technical detail, you can take a peek at the kernel.org git repository.

Branching and merging with git gives a nice overview of the topic.

OpenOffice.org (OOo) is amazingly compatible with Microsoft Office. When there's a Windows/Linux problem, I've found that often the real problem are missing fonts, not the program itself. Both programs will substitute other fonts for missing fonts, but the other fonts have different sizes and the results are often disappointing. Fonts are unfortunately a complicated subject. Optimal Use of Fonts on Linux explains much for Linux users. If you're using OpenOffice.org, and want to avoid proprietary fonts, the Bitstream Vera package seems to be the way to go; all OpenOffice.org installations have this font, and the Bitstream Vera fonts can be freely shared, modified, and redistributed. If you want maximum portability with Windows users who use Microsoft Office, use a Microsoft font, since those are the only fonts that you can be sure they'll have. You can arbitrarily install the Microsoft fonts package on other systems and then use Arial, Times New Roman, Verdana, Tahoma, and LucidaTypewriter; however, their license apparantly makes it not possible for for-pay distributions to include them directly (you have to install them separately, which thankfully is easy to do). Here's a source for Microsoft's True Type core fonts on Linux, and here they are prepackaged in RPM format for Fedora Core. Scribus has a list of fonts, and the Unicode Font Guide For Free/Libre Open Source Operating Systems has useful info too. The STIX fonts project may produce useful results in this area; we'll see.

You can get online the standard for the C programming language as of 1999, e.g., "C99".

The EFF legal guides for bloggers is helpful if you need it.

The Underhanded C Contest is interesting -- Slashdot has more.

It sure would be nice if we could speak in one language and have everyone understand it. Blueprints for Babel discusses various constructed languages and their problems. Here are some interesting essays. Personally, it looks like English is winning that race. Simplified versions of English are more likely to win than fully constructed languages, I think, if it's important to modify/simplify a language so that people can learn it more easily. For example, Special English is used by the Voice of America. Basic English is a more tightly-controlled version.

The major label music cartel complains that everyone should pay extreme amounts of money because the artists need to get paid. Well yes, it's a good idea to pay the artists. But many of the cartel's statements appear to be lies as well. Steve Albini's essay "Major Labels: The problem with music" (alternate site) has way too much swearing, but it has a valid point. And the point is... the major labels make sure that music artists never get (really) paid, through a long list of unethical practices. It's often a modern (and legal) form of slavery. No wonder so many artists are willing to give their music away, or don't care if their music is copied ... they make about as much either way, and more people hear hear their work if it's copied at no fee. What's more, freely-available music is getting increasingly better way as a way to noticed, and unlike label deals, the artists are free from slavery to the label. The Indie Band Survival Guide discusses an alternative. The fights between RIAA/MPAA and file sharing networks that encourage piracy, (like Grokster) make me feel really uncomfortable; it's more like watching two thieves in battle. I do not like systems like Grokster's, but I'm unable to side with RIAA/MPAA (who may act legally, since they've purchased the law, but they don't act ethically). What's really needed is for the cartels to actually provide what consumers want -- music they can easily download and own. By own, I mean it's not just rent (if you stop paying you keep your music), and you can use it with all the devices you own (so you can listen to it on your various devices, including a patent-free Linux system). If you buy a player from vendor V, you should be able to place the songs you own onto that player... even if it's a different vendor. Formats that require you to pay a monthly fee to keep using your music are not okay, because that fee will keep escalating once everyone's locked into it. Formats that lock music to a particular device, and try to make sure that you can't share your music among all the devices you own, are unacceptable; people buy new devices all the time. Apple's iTunes has historically locked you into their products; many people avoid them for that reason, and there will be a lot of unhappy people in the future when they find out that they have to keep re-buying their music. (That's changing recently, thankfully.) They won't do it -- they'll "pirate" the songs they already paid for instead. It's time for the music industry to provide what customers actually want; the fact that piracy networks keep springing up is a wake-up call that they are failing to provide what customers actually want. Sure, you can use prohibition-era tactics, but wouldn't it be better to sell the music instead, in the forms the customers actually want?

Their outragious intimidation tactics, in an effort to prop up their failed business models, has meant that the RIAA (Recording Industry Association of America) and MPAA (Motion Picture Association of America) are together often called the MAFIAA (either the Music And Film Industry Association of America or the Movie, Art and Fiction - Intimidation Associations of America). MAFIAA is obviously a derogatory term, but here's an example of the sentiment posted by Esion Modnar: "More and more, I associate the *AA with the Mafia. Their real source of power is intimidation, usually through carefully chosen lawsuits against financially unprepared defendants. (First Amendment? Not if it goes against *AA interests! *AA uber alles!! Sieg heil!) Oh, and strategically placed 'campaign contributions'". Here's another example.

Brian McConnell's article "Back to the Future - Morse Code and Cellular Phones" makes the interesting argument that the way to improve mobile phone text messaging is to allow users to use Morse code to send messages. (Others have since noted that the "buzz" of a phone would let you receive messages in Morse code without looking at the handset). In a text messaging speed contest, 93-year-old telegraph operator Gordon Hill used Morse Code to resoundingly defeat his opponent (13-year-old Brittany Devlin).

Bruce Schneier explains lock-in clearly.

"Public discourse under way over definition of "open"

Paul E. McKenney's 'attempted summary of "RT patch acceptance" thread' summarizes different approaches for implementing real-time scheduling in the Linux kernel; it's a very nice summary of the different approaches.

Need a MUD client? Telnet obviously works, but why stay there? If you want a basic console-type MUD client with a few extras (triggers and such), there are lots of nice clients. Indeed, for tty-style MUD client, there is an embarrassment of riches. TinyFugue is an old tried-and-true favorite for the console crowd; you need to compile it on some systems, which is no problem for me but others will want a nicely prepackaged program. There are many GUI-based MUD clients with lots of features (and users). Highly-rated ones (according to Freshmeat) include gMUDix, Kildclient (version 2.0 was July 27, 2005), KMuddy, and kmc. Some clients have problems; KMud has some nice features, but depends on an archaic version of Qt (a problem for modern systems), and development halted long ago; Papaya might be nice, but at least as of July 2005 it won't install from source on Fedora Core 3.

But I wanted a MUD client with automapping, and that seems to be trickier. The well-rated ones I listed earlier have lots of features, but they do not have automapping. I use Fedora Core usually, so I went hunting and here's what I found. One worth trying is MUD Magic; it's easy to install on the Fedora Core distribution for Linux, as long as you first install sqlite (SQL lite library) for Fedora Core; sqlite is part of the "extras" in Fedora Core 3. Its user interface frankly isn't all that intuitive; you really have to hunt to change font size, the opening commands aren't obvious, etc. Still, it has some nice functions... and it does have an automapper. MUD Magic's automapper plug-in is terrible, though. The automapper gets trivially confused (if you give a direction it "maps" even if the MUD responds you can't move that way), editing maps essentially doesn't work, and it often hangs or loses its mapping work. Note that if you're invoking MUD Magic through a GUI, it's placed in the "Network" (Internet) group, not in the games group. There seems to be some convergence going on; Tomas Mecir (author of KMuddy) and Mart Raudsepp (current lead for wxMUD) have contributed to MUD Magic.

But I've had even less joy with alternatives. Gnome-MUD (aka amcl) looks like it might be useful, but I had trouble getting it to run on Fedora Core 3 (it compiles, but doesn't run for some reason); it appears development has stopped, too. I've compiled it with: 

./configure --prefix=/usr
, as is usual on Fedora Core boxes. Then make, as usual. The "make install" takes forever to update the documentation (for scrollkeeper). Running the program (it's at /usr/games/gnome-mud) just fails with the message: "The default configuration values could not be retrieved correctly. Please check your GConf configuration, specifically that the schemas have been installed correctly."

SMM++ Mud Client is older, but has reasonable ratings and has an automapper (see Freshmeat's entry for SMM++ MUD client). But this is an absolute monster to install -- I haven't succeeded, and others have had trouble too. The problem is that it depends on really old stuff that has radically changed, and SMM++ hasn't been changed to follow suit. It depends on itcl, which on Fedora Core is a real pain to install (why it's not included, I don't know; it used to be). Even worse, it particularly depends on "itkwish", which is no longer part of itcl. (so you have to install a version of itcl that has itkwish; many do not.) You work to install itcl, but it's a pain. You have to first install tcl-devel and tk-devel, but that's easy: "yum install tcl-devel tk-devel". Then itcl's installation on Fedora Core requires that you do this: 

"./configure --prefix=/usr --with-tcl=/usr/lib --with-tk=/usr/lib"
but even that's not enough. I abandoned this after a while -- not worth it.

It appears that you can get fired for choosing Microsoft. Jesse Burst reported on July 25, 1998 about one person who was fired for choosing Microsoft. about one person (Scott Barker, of Proctor and Gamble), who went to a Microsoft-sponsored workshop and because of that decided to replace the company mainframe with Microsoft Windows systems. That cost $1.5 million just for the initial software purchase. His boss, Matt Kiyuck, then found about Linux, and "realized that we could have saved millions of dollars in new software and hardware if we had gone with Linux instead of NT. Needless to say, Scott Barker received a pink slip the next day." The moral seems to be: If you're making decisions with big ramifications, make sure you consider all your options. Don't just buy a product because many other people use it, or because they seem very nice in their workshop. Frankly, as described it makes sense; if someone's job is to carefully make a major multi-million dollar decision, and they don't consider their options, they do deserve to be fired. The source here is a little suspect; they often run humor articles. Yet it's not clear they're kidding in this case; the identification of particular people and organizations (by name) is usually not done with made-up articles. I'd love to confirm or deny this story.

Drunkenblog has a lengthy discussion justifying the claim that Maui X-Stream has illegally copied code into its products. The author claims that since GPL'ed code is often given away, then there must only a civil case. I doubt that; many people use the LGPL and GPL licenses because they expect to be able to see and use the source code of any publicly-released improvements. Since a proprietary program doesn't release its source, I suspect an author of a GPL program could sue for the value of all improvments made to the program, but illegally witheld, as well as the money acquired from sales and the legal costs of the suit. You can use programs like SLOCCount to estimate costs. When a small GPL program is inadvertently included in a big program, it's usually worked out amicably, but when a vendor intentionally tries to defraud the world, the vendor should expect to get in trouble.

The audio format Ogg Vorbis appears to be gaining ground. A CacheLogic survey found that 61.44% of current peer-to-peer traffic is video, 11.34% is audio, and 27.22% belongs to other category. Of the audio, 65% (by traffic volume) are traded in the MP3 format, and 12.3% are in the open-source OGG file format. I don't know how much of that is illegal, and I don't condone any that's illegal. But clearly Ogg Vorbis (Ogg'd primary audio format) use is increasing from the near-0% of years past.

In August 2005, Department 1127 (where Unix was developed) finally disbanded. It's unfortunate; basic research in IT is basically unfunded at this point. Commercial organizations (like DEC labs, XEROX PARC, and now Dept. 1127) are gone, and other organizations like DARPA don't do much either now.

Is Your Boss a Psychopath? is an interesting read; here's the quiz.

Online or Invisible? by Steve Lawrence make a critical point: "Articles freely available online are more highly cited. For greater impact and faster scientific progress, authors and publishers should aim to make research easy to access." Unfortunately, many academic organizations are still stuck in the stone age, trying to charge for articles and thus make money on stuff they didn't write and don't pay the authors for. It's time to stop. If the problem is that you need money to pay for printing the documents on paper, then the solution is obvious: stop printing them on paper. Almost no one wants them on paper any more; they want the electrons. If your goal is to make free money by exploiting other people's work, while not paying them and not providing a critically valuable service that you pay for, that's frankly unethical. Stop. (Having unpaid people peer review the article obviously doesn't count as a service -- you're not paying them either!) That doesn't mean all written works should be free; I very much believe in authors getting paid for their work. But then make sure the authors get paid for their work; generally authors of academic papers don't get royalties or other real payment from their article. If the authors aren't getting paid for their work, then it makes no sense for there to be a charge. There's simply no need for the paper mill infrastructure anymore in academic works. If someone wants a paper version, let them download and print it in the way that's best for them. It's time to get almost all academic works freely available on the Internet.

Feedvalidator.org validates RSS feeds.

The Six Dumbest Ideas in Computer Security is a funny, yet serious, look at security antipatterns... the things we shouldn't do, but too many people do.

OpenOffice.org is really great. Nosy people like me like to know when the "next versions" are going to be released, and searching doesn't often reveal the answer. The best way to learn about release work is to see the OpenOffice.org release mailing list, where people discuss if or when to release new versions. Here are some tutorials about OOo's database capabilities.

I think OpenOffice.org and other OpenDocument-implementing systems should add collaborative editing capabilities like a Wiki. See OOo issue #54987 for more information. Also related is Towards XML Version Control of Office Documents. There are various other kinds of collaborative editing. You could share a mouse and keyboard in real time (like SynchroEdit), but that's probably better handled by a more general tool. You could also have a lock-based system, where only person can edit at a time... that's obviously simple, but limiting in many cases. The KOffice page on Collaboration is relevant too.

Here's how PR firms really work; very interesting, and a little scary too.

Here's an article on how to eliminate red eye using the GIMP.

The Thunderbird email client (a companion to Firebird) is nice, but you can reconfigure it depending on your needs. Thunderbird likes to do HTML mail, which I don't like receiving; Here's info on how to make Thunderbird send plain text in a nicer way. Here's Linux kernel info on how to reconfigure email clients to send patches. If you display headers and there are too many to display, the scrollbar for expanded message headers extension helps in this case.

Here's the cartoon "Both Sides" which captures a simple truth in a funny way... if you believe that "both sides" are always equal, then you have given up the ability to think.

"'Moderate' mobs and the newspapers that abet them" by Charles Krauthammer discusses the Muhammed cartoons and free speech (Feb. 9, 2006) and shows the nonsense that comes from a lack of courage about free speech.

The term "to betamax" is interesting. It seems to have been making the verbal rounds for a while, but tracking it down in written records is tricky. AlistairMcMillan re-added this snippet to the Wikipedia article on Betamax on October 7, 2005: "The VHS format's defeat of the Betamax format became a classic marketing case study, now identified with the verbal phrase 'to Betamax' , wherein a [[proprietary]] technology format is overwhelmed in the market by a format allowing multiple, competing, licensed manufacturers, as in: 'Apple Betamaxed themselves out of the PC (Personal computer) market.' Sony's confidence in its ability to dictate the industry standard backfired when JVC made the tactical decision to engage in open sharing of its VHS technology. JVC sacrificed substantial potential earnings by going the open sharing route, but that decision ultimately won the standards war. By 1984, forty companies utilized the VHS format in comparison with Betamax's twelve. Sony finally conceded defeat in 1988 when it too began producing VHS recorders." But it doesn't seem to have originated then; copies of the article from April 2004 had this text snippet.

Here's some musical silliness. First, see The Llama song. Then, for a parody of a silly song, see The Sawyer Song (here's an article about the Sawyer song, and here are the Sawyer song lyrics).

Interesting research - OpenAnalysis is a tool to capture information about programs; the OpenAnalysis wiki has more about it. We'll see if much comes of it!

Here's an article on how to create a software development environment by integrating Bugzilla, Subversion (SVN), MediaWiki, and mailing list software.

ACL2 is pretty neat, but when Red Hat Fedora Core 3 added some features to improve security, they unfortunately interfered with GNU Common LISP's (gcl's) ability to run ACL2. Here's A patch to gcl is known to fix ACL2 / GNU Common LISP on Fedora Core, along with a positive testimonial.

Advanced Programming Languages links to all sorts of things, if you're interested in programming languages (in general).

My blog is listed in various places. One place that's interesting in its own right is Planet FLOSS Research, a "meeting point for Free/Libre/Open Source Software researchers."

John's guide to earning an income from a Free and Open Source project (intended for the independent developer) gives all sorts of info from one developer on how to make money from an open source software project.

This site has all sorts of stuff about Yuna (the Final Fantasy character)

Today, 1 in 68 families in the U.S. has an autistic child... only a few decades ago, autism was nearly unknown. At the time of this writing, no one knows why. Many suspect vaccines, for a variety of reasons; vaccines are not safety-tested for long-range effects the way people think they are. Conflict-of-interest is a serious problem; the few studies that "prove" vaccines aren't a problem have serious concerns, as far as I can tell. "A User-Friendly Vaccination Schedule" by Donald W. Miller, Jr., MD has some suggestions, given the lack of conflict-free information and decision-makers. He suggests this schedule: "No vaccinations until a child is two years old (except hepatitis B vaccine for infants whose mothers test positive for this disease); No vaccines that contain thimerosal (mercury) (including flu); No live virus vaccines (except for smallpox, should it recur); and these vaccines, to be given one at a time, every six months, beginning at age 2: Pertussis (acellular, not whole cell), Diphtheria, Tetanus, d. Polio (the Salk vaccine, cultured in human cells)."

A weird thing - CLASH: CLisp As SHell by Peter Wood

Death by DMCA shows how the DMCA is stifling technology, because instead of assailing bad actors, it makes perfectly valid uses (like transferring a DVD to portable for personal use) illegal. Here's an anti-DMCA video.

A documentary of the Amen break - a 6-second drum sequence - it's interesting!

Why Linux isn't working on business desktops and how we fix it by Kelv (November 16th 2005) has a useful list of gripes. Obviously, Linux can be used on business (and home) desktops, but it's a useful place to start for improvements if you want to code an improvement. It notes things like being able to open Microsoft TNEF format in Thunderbird (and where to get the Sourceforge project that gets you most of the way there!).

10 Reasons Why High Definition DVD Formats Have Already Failed discusses "the reasons HD DVD and Blu-ray Disc will never turn into the dominant formats for digital media viewing".

SourceForge.net supports the subversion SCM system, but don't clearly explain how to get a new project started. First, you need to enable the use of subversion at all for your project. Then, for each developer, you need to give them write access. Finally, you need to import some initial files; they explain how to export from CVS, but not how to initialize a new project. You need to use "import", and you need to specify that you're importing to the trunk. For example, to create a subdirectory with your initial files (let's call it "readable") and put it in the trunk of the "readable" project, do this: 

 svn import -m "Initial import" readable https://svn.sourceforge.net/svnroot/readable/trunk

Firefox is a great browser. You can speed up Firefox viewing by opening "about:config" and turning on network.http.pipelining. That's not the default because some proxies and some versions of Microsoft's (inferior) IIS program choke on pipelined requests, but that's becoming less common. ComputerWorld has an article about using advanced Firefox options in its about:config view.

I'd love to live longer, or at least be more healthy while I'm living. With all the additional information now available to medical science, I'd like to hope that medicine will figure out some new approaches on that front. For example, the drug resveratrol seems to have some promise (well, in lab rats) - NewsWeek (December 11, 2006, pp. 80-84) even noted it. Whether or not that particular one works, I'm hopeful that we can find ways to make things better.

How can you control the amount of time someone spends on a Linux system? This post shows how to limit the time of day someone logs in, and how to forceably log them off outside that time, in Fedora Core (using PAM). Time quotas are trickier; here's a discussion of the needs on a Ubuntu forum. I actually think it wouldn't be THAT hard, but I'll have to look into it. One alternative (instead of full quotas which require tracking time) is to simply force a session to log off after a certain amount of time; for some that might be better. This discussion suggests Debian's "timeoutd" - I need to learn more about that! timeoutd's implementation is pretty simple. An alternative is porttime. Pyttymon may also be an alternative, though it's not clear it works for X.

Here's something very cool - RepRap (Replicating Rapid-prototyper), a practical self-copying 3D printer (well, mostly self-copying). There's a short RepRap handout explaining it. MIT professor Neil Gershenfeld's talk "The beckoning promise of personal fabrication" discusses his "Fab Lab", a "low-cost lab that lets people build things they need using digital and analog tools. It's a simple idea with powerful results: His Fab Labs, set up in communities around the world, let people build eyeglass frames, toys, computer parts – anything they need and can imagine. As Gershenfeld explains, this kind of empowerment leads to education, to problem-solving, to job creation and then to invention, in a truly creative process."

The Cyberiad has some funny cautionary tales; reminds me a little of the Hitchhiker's Guide to the Galaxy series by Douglas Adams.

Magic-1 is a homebuilt minicomputer. It doesn't use an off-the-shelf microprocessor, but rather has a custom CPU made out of 74 Series TTL chips. Altogether there are more than 200 chips in Magic-1 connected together with thousands of individually wrapped wires. And, it works. You can connect to Magic-1 and run the original Adventure.

You can learn more about electronics if you're interested. Lessons In Electric Circuits: A free series of textbooks on the subjects of electricity and electronics is a freely-available series with information. Other books are "Art of Electronics" by Horowitz and Hill, and "There are No Electrons" by Amdahl (who also wrote the greatly-titled "Calculus for Cats"). Playing with stuff is important to learning; Electronic Playground is one of many X-in-one packages so you can quickly play with stuff; this one reportedly has a good manual that explains things (using the usual analogy with water pipes). You want a book (explanation) and kit (try things out!) together. You'll probably want a circuit simulator like Spice, too.

Inform 7 is a tool for creating interactive fiction (text adventure games); one interesting aspect is that he's chosen to use an English-like syntax. (I really wish he'd released this as open source software; it's incredibly dangerous to depend on sole-source proprietary language implementations, as the Visual Basic developers learned to their sorrow.) If you're interested in the general issue of natural language as a programming/rule-specification language, there's a lot of material on the topic. Interesting sources include The Natural Language Processing Dictionary (a This bagger example is helpful too). English Phrases for IR" (EP4IR) grammar is GPL'ed work with a big grammar and lexicon, which could be a basis for many projects. GATE (General Architecture for Text Engineering) is a heavily-supported project. GMU has some useful material, but beware of license traps.

There are some interesting "kids developing software" things. The Te Tuhi Video Game System (FLOSS under GPL) is a clever p