Bloggers, Bloggers everywhere

A lot of Sri Lankan people do seem to have blogs these days.

This is a good trend in a way; I loved the time back in 80'ies, when a typical Sri Lankan mother's occational gifts to a child were mostly books. Eighties ended up as the last decade where words as sequences of letters had a good place in the world of information. Then along came the age of TV and printed words were replaced gradually, and words became air vibrations that comes out of some idiots mouth, picked up by a microphone, converted to electrical - then electomagnetic - signals to be transmitted and then reproduced by thousand speakers miles away. People gave up reading, and writing was something the elite did; not much different from the medieval Europe, not really different in the mindsets of the authors anyway: they were posh, rich, had nothing to do because they didn't have to work to earn a living. Their prose and verse common people didn't read; their culture common people couldn't digest. The few young authors who were at grassroots level either produced garbage or were limited to science magazines.

And 90's was a nightmare.

If you were not aware, I must inform you that I'm an old-style guy, and that I prefer writing to speaking and reading to watching (despite the Derridian ideas that in the days of socretes this was the other way around) and that I have rather romantic notions on literary creaions as works of art, despite what Walter Benjamin said.

In this context, it's a great thing to see that a good number of people are back in writing. But is everything fine? I'm afraid not.

Male bloggers, by this I mean the few of them I happen to have noticed, talk about stuff that matters. Whether they're Sri Lankan or not, there's something to read in almost any male blog. Most female Sri Lankan bloggers, in contrast, write about themselves: mostly, what happened to them each day and why they have to bitch about that. Of course I'm talking about the few blogs I've been pointed to by various people; I did take my time to voluntarily check out some blogs of people from Singapore - where a great majority of the bloggers happens to be female - the reason I know why, but that's something out of the topic today - the relevent point is, they are just whining and bitching to such an extent that can make even Sri Lankan blogger girls would get bored. Hey, don't take this personally: critisism is an okay habit only if it's constructive. Analytical critisism is good for the world. But if you don't question, if you just whine, it's just annoying.

In Blah, Blah, Blog (IEEE Spectrum, December 2003), these kind of blogs were reffered to as kittyblogs, because - somewhat metaphorically - what they generally describe is what the cat dragged in today, or bloggerel (from blog-doggerel), or, better yet, blogorrhea (you can guess this), because they provide a pour of words, usually oversharing one's own daily life accounts.

I'm not questioning the freedom of speech in any way - so don't come up with that bashing me: I'm just using my own freedom of speach. I'd rather that female bloogers wrote something interesting outside the topic 'me'. I don't think it's wholly due to girly nature: look at this girl for instance :)

Sigh

Installed WinXP SP2 a week back, and life is fine so far. It installed flawlessly, seem to co-exist and work with everything that existed. One small problem I had - when I tried to replace Notepad with Notepad2. I realised that the old DLL cache does not work the way it used to work, and there's one more layer of security imposed by replacing files directly from a hidden SP2 source in Windows folder. This might be taking my HDD space, but it's not a major concern. I should say, SP2's an improvement as a whole. As I always say something is better than nothing.

Came across this wisdom of a seemingly old man on ZD Net blog - which is a good bottom line:

"Having been involved in computers since 1968, I’ve found all new software, to include “upgrades", to be an improvement over what we had back then. SP2, from the beta version thorugh the release version, has also contributed signficantly."

Briefcase

MS intoduced briefcase for quick and easy file synchronising for people who're busy. A good thing indeed, but could have been better.

Take for instance, my situation: I work on the same project, using both my Lab machine and home machine, both are PCs. The project has about 100MB data and 700 different files, where I would edit a few of the files in a given day. Copying the whole thing is just annoying: Although in my case I use a thumb drive to move my files around, it takes a lot of time to copy; thumb drives are really bad at copying a lot of small files than copying a single big giant of a file. Since the directory structure is quite complex, 77 folders to be exact, I can't keep track on what's being modified: So I thought of giving Briefcase a try.

To my shock, I realised that briefcase is actually meant for the people who actually use briefcases: wear ties and tuxedos too, perhaps. A one or two Office ducuments, a couple of pictures: you can't actually sync two computers effectively unless you connect them with a cable. The options available are:

• Keep copies of files in both your PC and laptop, and connect them with a cable to sync.


• Keep a removable drive (floppy in MS knowledge base article) and edit them there, while you're working on the laptop, go home and sync.

Obviously option one is not available for me, and how about option two? It may be possible to keep one or two files in a floppy, and even there editing can be a real pain. Think of 100 text files being generated and deleted dynamically, programs compiled, 200 times a day: on the HDD, it takes a second: on a thumb drive, faster it may be than a floppy, it would take ages. So I have to copy the files on to my lab machine.

One guy pointed out (not from MS officially) that you can make a copy of the briefcase to the lab machine manually. However, this practically solves only 50% of the problem because there's no way of updating the briefcase from that copy: you just have to copy it back to thumb drive, which is copying 100 MB and 700 files for changing 10 files that are less than 100 KB each.

Well, I might not be a typical businessman, but this is not WinXP home edition either: or does Windows have a better XP version other than XP Professional for researchers? And briefcase has been there for quite a time now: I don't think it'd improve later. What I ask for is not rocket science; just a way to sync files between two folders just by moving only the files that are modified.

Right now, I've resolved to use good ol' XCOPY, one of the best utilities MS had since the age of DOS. it allows you to selectively copy files depending on archive attribute or modified date. Four batch files to move things from and to thumb drive from two machines, and it's done.

Does anyone know a better way :-/ ?

On hard disk erasures and calling home

Hethu says something interesting:

"If a program is running under Admin privileges, you can do very little to stop it, be it Linux or Windows, simply 'calling home' is just too polite. It can simply format your hard disk, how worse can it be?"

And I promised to explain why the reality is different from possibilities.

First, it siffices to point out that we almost never heard of any hard-disk-erasing viruses so far, except for hoaxes. Why is this the case? I think we all can guess; a mass distructive act like virus spreading can be an act of glory: it's a fight of a kid against world - big corporations, governments etc. All the recently succesful viruses we knew of put entire networks down; attacked microsoft; but no one didn't really harm individual computers to a considerable extent. I think this is because it takes the joy of fight away - like civilian killing in a combat. On the other hand, think about the community perception - when Bush drops bombs on Iraq it's war: but if an american draws graffiti an iraqi car with a spray can, it's vandalism. The latter does negiligible damage compared to the former, but is more disrespected. You don't see a police cop slap on a president's face for bombing.

You see the difference: virus writers generally stay outta 'civilian' casualities. That's the 1337 way of fighting. I don't want to prove this conjecture; reality is more proof than necessary. You can also read A virus is not always the product of a sick mind and Perusing The Virus Author Mentality for better discussions.

In short, the script kiddies don't really want to erase hard disks. The effect of that is something they don't really like. And think, if the kid is too smart, he'd just realise that the erasure of hard disk actually reduces the chance of virus getting spread: the more you keep the machine running, the more you can infect. The first target of any virus writer is to thwart the security and to spread, than to make real personal damage.

Second: who can say it's only the script kiddies who're out there?

If this is not the case, this will be in near future: think of a virus as an email address collector: we all know how the recent viruses used people's address books to spread. What if, instead of just spreading, the virus called home, and gave the list of email address, along with the name of address book owner? A spammer at home will be really happy: first, you get a load of real shiny email addresses instead of the junk you get from web; then, you have the name of at least one of their friends --the owner of the address book-- so you can make your spam look like being originated from him. this will make it difficult to block the spam, and will force the recipient to open them.

If I'm the spammmer who would like a virus like that, would I consider erasing the hard disk? never.

Third: spyware. We have talked enough about spyware; they all work because calling home is possible. And hethu would agree that spyware is evil. You don't just have to accept it's better than hard disk erasure; well it is; but that's a different story altogether. We don't want to get our hard disks erased; we don't want to get our email addresses stolen, our credit cards forged, or our identities robbed either. Just because the possibility exist that someone can kill you, you don't say the police should give up catching robbers and pick pocket guys.

Then a bit about Firewalls.

First, a firewall is a firewall is a firewall. Ditecting viruses is the task of a virus scanner; You can get a virus through email or a removable disk and there's nothing a firewall can do for that. Actually, that's how most of the viruses come in to desktop PCs. And if a firewall gives up saying 'uh oh, now there's a virus in the machine, which can even erase the HDD, so what's the use of my hard work protecting the network?' then it's just silly. Let the virus scanner do it's work and you mind your work, which is gatekeeping the network.

Second, all those spyware and viruses do not need admin rights, which are needed for HDD formatting. So,

1. If MS assumes that majority of the users log-in as admin (and we assumed that all viruses erase HDDs) it's stupid because they have to accept that their firewall is just useless, because it can then be shut off simply.
   
2. If it says most people do not have admin rights, then a virus infection is NOT the end of the story. It's just a matter of protecting the network until someone detects it and cleans.
   

Think - most recent viruses used outgoing SMTP to spred. If you stopped the outgoing connections at the first infected computer, none of these viruses would have spread. This is the case for other viruses like SQL slammer etc which do not use SMTP to spread. Even for viruses lime MSBlast, the correct thing has been to stop the outgoing call in the first place. In a typical case where one infected PC infects more than one others (that's why the growth looks exponential), it's wiser to stop the attack ad the donor end. I have seen so many times how people spread viruses, how networked got jammed, how websites/ SQL servers go down, ALL because outgoing connections were possible from personal computers of unsuspecting people.

'Nuff zed.

Better than nothing, but not good enough

"Yooohoo .. firewall !" "Yessir!" "Turn yourself off please" "Aye Aye, Sir!"

According to David Berlind, that's what happens with Windows Firewall even after much-talked-about secure Win XP SP2. According to him, the firewall lacks outbound traffic blocking, and it allows itself to be turned off programmatically.

Well, only if the user has admin privileges. But this might not have been the best way to do stuff, after so much anticipation on SP2. These two 'features' would make the firewall practically useless unless it gives us 200% assurance on blocking inbound traffic. And I thought the major part of what can happen to a guy like me would consist of outbound traffic: with all these new worms 'calling home' and using built-in SMTP servers to send hundreds of email from my computer, and lots of spyware and adware reporting home with my details. If the firewall blocks outbound traffic, I could detect these stuff. Unless I'm a well known server, the chances that every hacker in world to attack me from outside would not be that much. On the other hand, the guys who expect more inbound attacks than a possible Worm --a big guy with a popular server-- would have an industry standard firewall in the first place.

MS can say, "well, inbound protection is better than nothing, and once you get infected, then there's nothing much to do anyway": well, then this is going the same was as WRM. Nothing significantly better than Voluntary abstinence - and giving up fighting. It could easily do something to reduce the damage on whole world, thinking of DDoS attacks and everything that happen - in reality.

And about that API to turn the firewall off, well, may be MS had a point there: there's a risk running your PC as admin, whether it's Windows or Unix. What's disturbing is the facts: Dave points out that most WinXP users DO log in with Admin powers. I have to assume that he's right with his statistics - which he usually is.

Flying home

I took this photo during the flight to Singapore last time. The flight was boring, all the films were the ones I have seen previously; I was alone and the engineer in me took control: I spent most of the time studying the wing flaps. There was only six months left for the 100 year annivasary of Wright brothers' historic flight of 120 feet - a length which is just a bit longer than half the wingspan of a Boeing 747.

That reminds me, it was Bill Gates who wrote the The TIME 100 atricle on Wright brothers. Now that's the Bill I like: cool, brilliant, creative and talented.

That was a year and a month ago. After a freakin long time - a hectic one too - I'm flying home at last.

Jonathan Livingston Seagull

"If our friendship depends on things like space and time, then when we finally overcome space and time, we've destroyed our own brotherhood! But overcome space, and all we have left is Here. Overcome time, and all we have left is Now. And in the middle of Here and Now, don't you think that we might see each other once or twice?"

I read Richard Bach's 'Jonathan Livingston Seagull -- A story' long time ago when it was mentioned by one of my mentors; it's a rather short story, about one's quest for perfection. A really inspiring story to keep one on track when the going gets tough.

Wikipedia says on the book:

"Clearly, Jonathan Livingston Seagull has joined Tolkien's The Lord of the Rings, Gibran's The Prophet, and, for a previous generation, Salinger's The Catcher in the Rye as one of those must-read books that one encounters in late adolescence and that remains with one forever."

True. At least the two I have read, this and LotR, will remain with me forever.