Sand. Sand? Yeah, sand - the silicon dioxide that we all know and ignore, except for the summer months, when it's a good thing to roll in. Now who'd have thunk that people could do really amazing things with it!
Spotted via Ben Goodger.
The night before, over a beer or five, Vasil Kolev, Georgi Chorbadzhiyski, Boyan Krosnov, and I had an interesting discussion about the difference in the development model, distribution model, and/or design philosophies between the various Linux and *BSD OS's (or should I say distributions?). When Vasil asked if there were any *BSD distributions besides Free/Net/OpenBSD, I couldn't come up with a lot of examples, although I knew there were some. Well, as a first approximation, there are TrustedBSD, EkkoBSD, The FreeBSD LiveCD Project, and just today I heard about a new one, LittleBSD, which even sports some anime artwork (and there's more around the site).
I know there are more, it's just that I cannot think of them at the moment.
I have a notes blog now. It ought to be updated a bit more often than this one, but this is no promise ;)
I hope that among those who read this blog, there are none who believe - or would even seriously consider - the mind-boggling fingers pointed at the free software community as authors of the MyDoom virus or accomplices of the author. I would really, really hope that the readers of this blog have enough common sense.
Still, if there is someone who still believes that the appearance of the MyDoom virus is a sure sign that the whole free/open-source software movement is Evil(tm), here's a great article by RMS on the subject. Definitely worth a read, no matter where your beliefs stand.
Something that many people, including myself, find extremely useful when reading others' blogs: an RSS feed for the last 45 comments made to any of the blog entries. Enjoy :) Thanks to Jeremy and revjim for the template (slightly modified here).
Now if only I could find a way to build per-entry RSS feeds... Of course, this will be trivial to do with at most half an hour's worth of Perl, but I guess I'm kind of lazy right now, so it might have to wait.
Oh, and if anybody's wondering, the template itself is basically revjim's work, with two changes to the two MTComments tags: upped the number of comments to 45 (the lastn attribute) and reversed the sort order (added a sort_order="descend" attribute).
Some time ago, I mentioned to Vasil that HTML allows all sorts of weirdness, like unclosed tags, unspecified closing tag names, unclosed *opening* tags, and all that stuff. Finally somebody has taken the time to actually demonstrate that - a wonderfully crafted HTML weirdness, courtesy of Virtuelvis. The funniest part is, the W3C vaildator does, indeed, agree that this is valid HTML!
I sign all my outgoing e-mail using GnuPG, so it gets sent out as an S/MIME multipart/signed message with an application/pgp-signature MIME part. Sometimes this brings out the fun part of the 'net, such as an automated response I received to a message that just made BugTraq:
MailServer has rejected this message: it contains executable attachments.
(just to clear up any confusion, no, this was not sent by the securityfocus.com servers, but by the mailserver of somebody subscribed to the list)
Let's hear it for the geniuses who configure their mail filters so that any MIME attachments marked as application/* are considered executable. I guess asking them to read RFC 2046, section 4.5, "Application Media Type" (which plainly states that MIME parts marked as application/* are meant to be processed by an application), would be asking too much... but is it too hard to actually *look* at some e-mail messages that they've sent or received recently, and notice that some of them do, indeed, bear attachments of the dreaded application/rtf or application/x-arj-compressed or application/vnd.ms-tnef types? Okay, got carried away a little - that last one is indeed a dreaded one :)
And if you expect to see here another rant about mail filters that bounce messages to the 'From' address instead of 'Return-Path' or 'Sender', well - it seems that you can already do that one by yourself.
Once again, it seems that I fully and completely agree with yet another essay of the late Douglas Adams - this time on the subject of the Internet, the way it is currently perceived, and some of the ways in which it will probably be absorbed in our everyday life in the coming years.
A great excerpt to get your attention in the same way that anima got mine:
"I suppose earlier generations had to sit through all this huffing and puffing with the invention of television, the phone, cinema, radio, the car, the bicycle, printing, the wheel and so on, but you would think we would learn the way these things work, which is this:
1) everything that's already in the world when you're born is just normal;
2) anything that gets invented between then and before you turn thirty is incredibly exciting and creative and with any luck you can make a career out of it;
3) anything that gets invented after you're thirty is against the natural order of things and the beginning of the end of civilisation as we know it until it's been around for about ten years when it gradually turns out to be alright really.
Apply this list to movies, rock music, word processors and mobile phones to work out how old you are."
But don't be content with this: do go ahead and read the whole article, it is both amusing and thought-provoking.
A cute article in The Register today about a company's (apparently quite successful) attempt to demonstrate that even for technical journalists, it is not always easy to understand and evaluate something new at first sight.
Grumble. Those who do not care about C++ and are just wondering what the hell is keeping me up at 2:40am may safely skip to the last paragraph.
The past hour (and a bit more, actually) was dedicated to figuring out why Visual Studio C++ would not "see" a symbol exported in a DLL (or rather, its export LIB) that it (well, *another* copy of Visual Studio :) had placed there just about 20 seconds ago. In the end, after using strings(1) on the .lib file, and very, very carefully reading the linker error message, it turned out that the .lib file mangled the function name as:
...while the linker was actually looking for
Spot the difference? Yeah, that's right - just a single puny character at the very end. Now, thanks to the creatively named Windows API function UnDecorateSymbolName(), I was able to find out that I'd forgotten to change a 'void *' to a 'const void *' in the function definition.
Yep, that's right, I'd made the most stupid mistake - the header file had 'const void *', the function itself took a 'void *' as a parameter... and why oh why didn't VC++ warn me at build time?! Yes, I am compiling with warnings at level 4; some of the time, I'm even adventurous enough to try /Wall - including this time, and no, VC++'s /Wall does not enable any warnings equivalent to GCC's -Wmissing-prototypes! If there is a discrepancy between the function declaration and the prototype, the compiler silently assumes that you actually want to declare a different function, and there you go.
Or wait a second.. Looking at it now, GCC only honors -Wstrict-prototypes and -Wmissing-prototypes when in C mode - for C++ files, you're on your own, too. Now if only I could figure out a reason for that... I mean, overloaded functions are all fine and dandy, but sometimes, just sometimes, I actually want the compiler to scream bloody murder at me for forgetting a tiny little 'const' thingy. If somebody has any idea why GCC will always silently accept a missing prototype in C++, and why VC++ does not even have a warning for that (well, it *is* mainly a C++ compiler), please enlighten me!
Grumble. Okay, back to the rest of the work now. And for those who find working at 2:40am strange, I seem to remember a saw that went something like 'Developers do not have office hours; all they have is deadlines'.
What really bothers me about the CNN article is the implied connection between SCO's judicial pursuits, the open-source community, and the MyDoom.A virus. Of course, it would be hard to deny that SCO has indeed drawn the public attention in more than one way with the (insert expletive of choice) lawsuit, but the way this (and some other) article is written more than suggests possible candidates for the virus writers.
As to whether taking www.sco.com out of DNS could be considered bringing the website down, IMHO it might indeed. Why? Well...
Other than that, I agree that SCO made one of the best choice in handling the attack, so that it might well still emerge from it with nothing more than a huge boost in PR and only a possible psychological perception of the site being down.
Update: As seen by the comments below, I have apparently managed to misunderstand Luke's point. Of course the site was not brought down by the virus itself - as, indeed, the CNN article falsely claims.