Computers
Dark Grey Screen Of Death
Now here’s something I hadn’t seen before:
Fortunately I save early and often, and in the worst case I have a full backup that’s only a few days old (minutes, now!), but this was the first honest-to-gosh kernel panic I’ve had since I bought an OSX-equipped Mac. Quite a surprise.
/Library/Logs/panic.log seems to blame it on the Airport drivers. I can cope with that, as long as it doesn’t happen again. Then I’d have two reasons to send my shiny new PowerBook in for service (the first being the famous “white spot” problem that’s finally starting to become visible on my screen).
When spammers get desperate
This is the only spam to make it past my filters in the past 24 hours. Needless to say, the message didn’t get through. Even if they hadn’t screwed up the subject line, its spam-nature was still obvious to the human eye. For more fun, their clever attempt to evade the common “html-only messages are spam” filters backfired with OS X Mail; it displayed the raw HTML, which was unreadable due to their other filter-evading strategies.
It’s pure poetry. They’re trying so hard to hide their message from filters that they’ve ended up hiding it from the people they’re trying to reach. Incidents like this are why I’m becoming more optimistic about the future of email.
Adobe CS suite adds revision control, insecurity
Version Cue is a revision control system for Adobe applications, introduced as part of the new CS suite. It’s off by default. It makes local copies when you check out files, and requires explicit commits. It’s based on public standards (WebDAV and XMP, implemented with Tomcat). You can lock a file to keep others from editing it, and you can break locks set by others.
All good so far.
If you turn it on, it defaults to sharing your projects with everyone on the local network. Privacy and user administration are optional, and must be administered locally, from their GUI tool; usernames and passwords are not integrated into your network infrastructure (Windows or Mac). It appears to be non-SSL WebDAV, which means anyone on the local net can sniff passwords and access anyone’s “secured” projects. For real fun, they recommend starting with wide-open desktop-based project sharing, and adding dedicated servers and access controls later. It doesn’t look like there’s any direct support for branching, labeling releases, or reverting to previous versions. Oh, and turning it on chews up a minimum of 128MB of RAM on each machine.
Not so good.
Makes me glad I don’t do user support for graphics/publishing people these days. I’d hate to have to strangle a manager who insisted on rolling this thing out right away.
On the flip side, if you’ve got the RAM and you turn off sharing, it’s A Good Thing for people who do a lot of tinkering in Photoshop, Illustrator, and InDesign. I’m going to be importing a few of my Illustrator projects to try it out, while I read the available documentation. If it runs correctly under Panther Server, I might even use it for photo editing in Photoshop, as a convenient way of preserving the raw scans side-by-side with the corrected versions. After I upgrade my laptop to 2GB of RAM.
Update: I just spotted something hilarious in the Version Cue Preference Pane.
Yes, that’s right; a large Version Cue workgroup is 10+ people. Gotta love that scalability!
WPA needs strong passwords
Wi-Fi Networking News reports that Wi-Fi Protected Access (WPA) is vulnerable to dictionary attacks. This means you gain nothing by turning it on unless you choose a strong WPA key.
The best source I've found for creating strong keys is Arnold Reinhold's Diceware page. There's a wealth of information here, including a number of alternatives to the main Diceware system, such as creating a strong password using only coins and your keyboard.
A few additional tables are only listed on the original ASCII version of the Diceware article. I particularly like the random syllable table, since you can print it out and carry it in a small container with a set of dice.
| 1 | 2 | 3 | 4 | 5 | 6 | ||||
|---|---|---|---|---|---|---|---|---|---|
| 1 | b | c | d | f | g | h | 1 | a | |
| 2 | j | k | l | m | n | p | 2 | e | |
| 3 | qu | r | s | t | v | w | 3 | i | |
| 4 | x | z | ch | cr | fr | nd | 4 | o | |
| 5 | ng | nk | nt | ph | pr | rd | 5 | u | |
| 6 | sh | sl | sp | st | th | tr | 6 | y |
There are a lot of online stores that sell casino dice, but if you ever get to Las Vegas, many of the big hotels sell their used casino dice in the gift shop. The Luxor even sells theirs online for $2 a pair. You can get their playing cards, too.
Super screen
I want one of these. Screw putting it into a PDA, though. A 300dpi LCD display? I want it on my 15” PowerBook!
Of course, it would probably cost more than my Lexus, but I can dream, can’t I?
Latest variation on the Nigerian email scam
This actually made it past my spam filters. Once.
Needless to say, I won’t be helping this innocent victim of political persecution, wrongly jailed for “suspected genocide”. Nor will I keep his message a secret “for the sake of humanity”. In fact, I’d be delighted if it served as evidence against him. The person sending the spam, that is, not the fictional character in the message.
(the email address used was scraped from the blog Making Light; I’ve never used it anywhere else, and now that my filters trap about ten spams a day sent to it, I never will)
.vg/.biz
Very little email spam actually gets through to me any more. OS X’s Mail.app weeds out about 40 a day based on content, leaving about three a day that consist entirely of inline JPG images. Which Mail.app doesn’t load.
The subject lines make it clear that they’re obvious spam, so my latest trick is to view the raw source, look for the link to the picture, and add that domain to a custom rule. For the past few weeks, virtually all of these have been links to sites in the .VG top-level domain. From the host names involved, it’s clear that the registrar is in on the scam, so I’ve junked all messages containing “.vg/”. Works like a charm.
Today, a few got through with .BIZ domains, and I realized that I’ve never seen a legitimate business that had a .BIZ domain. So I added “.biz/” to the list as well.
The rule also junks messages containing “http://1” through “http://9”; I think that one still catches about ten spams a day.
Bits, bytes, platters, and drives, how many were going to St. Ives?
Four complete and total morons in Los Angeles (redundant, I know) are suing computer manufacturers for reporting hard disk capacity using international standard prefixes. Even better, they are not suing the companies who actually make and label the disks with these capacities.
“Your Honor, I’d like to submit as evidence this disk drive, taken from a Dell computer. Note the name M-a-x-t-o-r on the label, right above the advertised capacity in gigabytes.”
“Right. Bailiff, take these four clowns out back and sterilize them for the good of humanity.”
