Related link: http://www.respectcopyrights.org/hear-artists.html

I went to see American Splendor tonight. Before the movie, where they normally show trailers, they also showed a spot wherein a set painter named Daniel talked about how Piracy threated his job.

Daniel spoke about how the expensive employees wouldn’t be hurt. But he, the average Joe who works on movies, would be out of a job unless Piracy was stopped. He put it bluntly:
“The piracy issue … I don’t believe it will effect the producers. I mean it does affect them, but it’s miniscule to the way it effects me …. we are not million dollar employees… we’re lucky if we put together 12 straight months.”

So let’s get it straight.

The trailer is obscene. The film industry is speaking up for the little guy? Am I only one who feels the disconnect? While Daniel, and the other laborers, are lucky to have a job for 12 straight months, executive (and star) salaries in the movie industry are obscene (for example, in 1997, Michael Ovitz got 94.5 million in cash as a severance package. And in 2001, Michael Eisner, who replaced Ovitz, got an $11.5 million bonus while slashing the salaries of animators). The film industry is run by people who take enormous amounts of money off the top and leave drippings for everyone else. For them to complain that piracy hurts the little guy is the height of hypocrisy.

The trailer is dishonest. The problems facing the entertainment industry as a whole are vast and structural. Piracy isn’t the problem; a legacy of 50 years of greed, unlimited copyright extensions, and a sense of entitlement that can only be described as “monumentally delusional” are.

The trailer is offensive. I paid $9.25 to see a film. I got forcefed a piece of dishonest political propaganda along the way because a group of suits somewhere decided that I needed to be “educated”.

The trailers are, unfortunately, all too typical for Hollywood (a small town with an inflated sense of self-importance and an even bigger ethics problem).

Related link: http://www.apache.org/foundation/

Somewhere along the way, Apache became a “membership-based, not-for-profit corporation.” Does that have any implications for developers? If I spend 20 hours working on a patch that gets accepted, can I write off the value of my time?

I’m actually sort of serious here. If Apache is a non-profit, what can we donate to it (and how much of it can we deduct)? Their contributions web page only talks about money and hardware and therefore implicitly excludes software. How about DMOZ or Nutch? In general, can we write off the value of donated code?

Does it make sense to think about things this way? When I donate time to SD Forum or MROSD, I
don’t deduct that time or energy.

Any ideas on this?

Related link: http://news.com.com/2100-1002_3-5066511.html?tag=fd_top

The other day a friend said “I don’t practice safe computing” to me. I was a little surprised by the admission because, quite honestly, it doesn’t need to be admitted. Most of us don’t. I try to keep make my systems secure, but there have been lapses.

Why? Here’s an example. To install the latest patch for IE, I had to reinstall service pack 1 (the patch insisted). Before I could do that, I had to edit the registry. Only then could I install the service pack, which was required to install the patch. There were three or four reboots involved, and a fair amount of head-scratching. Oh, and my plug and play system kept autodetecting the printer the computer already knows about, and asking me if I had more recent drivers. Added up, it was over an hour of my time.

But you know about the worms and alla that. The truly priceless thing today is that Microsoft is claiming the latest worms, viruses, and devastating security holes are actually evidence of progress

I think it is an observable bit of progress for Trustworthy Computing,” Toulouse said. “The default settings of the operating system are more secure.”

You gotta admire the gall of that. In the midst of a truly nasty worm, and two recently exposed “critical” flaws for Windows, the sort of bugs that completely and utterly compromise your system’s integrity, someone at Microsoft is spinning things in a positive way and making the case for buying more Microsoft products.

Not only that, the evidence of progress is really (from the same story) “Windows 2003 doesn’t have the vulnerable software installed by default.”

And John Dvorak wants to license users?

Related link: http://news.google.com/news?num=30&hl=en&edition=us&q=cluster:www%2einfoworld%2e…

One of the interesting things about viruses are the, ahem, extreme reactions. There’s always a lot of blame being directed at Microsoft (basically for building a petri dish into every machine) and there’s usually a lot of people blaming end users who open such e-mails (on the grounds that, at this point, they ought to know better).

This article is interesting, though, because it adds the cost of patching for viruses into the total cost of ownership for Windows. Has that been added into TCO equations before?

And there were two completely new (to me) reactions:

John Dvorak has, in a fit of full-on mouth foaming, suggested that pc users should be licensed like car drivers. I don’t think licensing works unless the technology is stable, but Dvorak is apparently claiming that a driver’s-license level knowledge of computer systems from 2001 would have helped here.

The most interesting reaction was the idea of building a second worm, though. What does the second worm do? It goes around killing the first worm and installing microsoft security updates.

This latter worm actually bothers me more than the original. All of a sudden, the internet turned into a giant game of core war

Any other new and interesting ways to cope with the worm?

My new computer arrived. My neighbor signed for it at 1:05 PM this afternoon. UPS package tracking on the web is the quintessential example of a useful, well-written application.

I want the people who wrote the UPS package tracking application to go work for my bank. I want them to figure out why I have to wait 3 days for purchases made using my debit card before they show up in Quicken.

I’ve been venting in recent days regarding Windows Update problems. Sure enough, I received the following advice in an Email today:

“Dude, get a Mac.”

Good Advice, or Religious Advice?

Macs are better, right? Well, here’s the problem…

The advice is bad because it was offered without first asking for requirements.

I don’t like advice like this because it presumes a particular solution without bothering to ask for requirements.

Possible Reasons to Stick with a PC

Maybe a Macintosh costs too much for me. Or perhaps I already have a huge investment in Windows software and don’t want to purchase new licenses in order to switch. Or maybe I’m at work and am forced to use PC-only software. Or maybe I’m using a specific version of Java that isn’t available on Mac.

Hmm…I think something is wrong. I have installed “Security Update for Microsoft Windows (819696)” five times now. Yet each time I go back to the Windows Update site, the patch keeps showing up.

I just checked their Installation History option, and the security update shows up five times, all with a “Successful” status. According to this page, I’ve installed the update on Tue, Wed, Thu, Fri last week, and again on Tue this week.

Maybe it’s time for a new strategy, since re-installing doesn’t seem to be working. ;-)

I just submitted an official “Microsoft Windows Update Site Support Request”. Let’s see what kind of response I get.

Related link: http://www.computerworld.com/securitytopics/security/story/0,10801,84084,00.html…

In this BLOG entry, I recently wrote how my system was infected with this Blaster worm, despite the fact that I thought I installed all patches from Microsoft.

Well, this article in ComputerWorld seems to back up my theory. If your system gets hosed up, as mine was because of a bogus video driver, it might report that you have installed all critical updates even though your system is still vulnerable.

I don’t appreciate the denial from Microsoft:

Stephen Toulouse, a security program manager at Microsoft, dismissed Cooper’s claims and insisted that Windows Update has “for several months” been checking for file versions in addition to registry keys when scanning for patches.

Citing the patch for the latest Windows remote procedure call vulnerability (MS03-026), Toulouse said there have been “tens of millions of successful implementations of this patch, and we haven’t heard of a situation where customers think they have installed the patch and then find out they haven’t.”

Arggghhh….!

I called up Gateway and was able to find a PC for $385. They didn’t charge shipping, so my total bill including tax was just over $400. Cool!

This machine isn’t going to set any performance records, however it should work fine as a replacement “family” PC. This frees up my old Dell so I can set up a Linux server in the basement.

I had the pleasure of being part of the JDO 2.0 kickoff meeting in D.C. last week. Since this meeting was a pre-JCP thing, everything that was done/said is public, and hence I could release a report on the meeting.

The report discusses the feel of the meeting, and goes into details on the technology that is going to try to get into JDO 2.0.

For example,

• JDO/R: O/R mapping standardization
• Query updates: Enhanced JDOQL, SQL support, named queries and more.
• Detach/Attach API

As the report states, I was very impressed by how the meeting went. The vendors were not acting against eachother, but rather together. Four of them got together in a sub-group to work on the O/R mapping side of things, and worked into the night on it, giving eachother a lot of insight into their own systems. I am very excited about JDO 2.0 now.

Checkout:
TSS Discussion of JDO 2.0: Lot’s of changes discussed at the kickoff meeting

Related link: http://jcp.org/en/jsr/detail?id=175

If you remember back to this year’s JavaOne, one of the hot topics was the forthcoming metadata spec. It’s out now, and curious programmers should take a look (you still need to be a JCP member to read it though).

Related link: http://www.frys.com/

Fry’s Electronics is something of a Silicon Valley legend. They’ve got 5 or 6 stores spread throughout the area. The stores are big, full of computer gear, and jammed with high-tech professionals looking to buy things.

Or, at least, they used to be.

At the height of the boom, Fry’s did an amazing business. The stores were jammed with all sorts of weird computer stuff. You could go in and walk out with five hundred dollars worth of stuff you hadn’t heard of but which you had recognized (and knew you needed) as soon as you saw it.

Friends who emigrated from the valley to take technology jobs elsewhere missed it. Sure the service was beyond awful, but Fry’s made up for it in selection and convenience. Visitors to the valley would make sure to stop at Fry’s, to pick up things they couldn’t even hear about in their hometown.

These days? Well, for starters, I hadn’t even been to Fry’s in over a year (a bad sign). Today I stopped on the way home to see if they had a book.

And it’s a very different store. For the most part, they’re selling DVD’s, video games, and appliances. They didn’t have many books, they only had a couple of aisles of software, and most of what they did have was woefully out of date. I’m sorry but if you’re stocking a book on Visual J++ 6.0, you’ve pretty much lost all credibility with me. And if you have more books on Excel than on Java programming, the conversation is over.

Even worse for Fry’s, they had an awful conversion rate. I’d guess that about half of the people who went in left empty-handed. People are going there and not finding anything to buy.

It’s a sign of the long high-tech slump, and of the impact of the internet on retail, but I’m kind of saddened. The old Fry’s, bursting to the seams with customers and equipment, bad service and all, was kind of a landmark for me. The new Fry’s, which pretty much felt like a second rate Best Buy to me, is just depressing.

How are your local high-tech retailers weathering the slump? And where do you go for obscure computer gear?

Yesteday was a bad day. I wasted several hours cleaning up after W32.Blaster.Worm. Now I vent…

I always install all of the Windows XP patches available on the Microsoft Windows Update site. A few weeks back, however, my computer started behaving strangely. Every other time I booted, it would show the Windows XP splash screen and then … zap … the screen went black and the PC shut down. Whenever I would restart, Windows XP gave me some menu saying the PC did not start correctly and I had the option of rolling back to the last known good configuration.

Not being a Windows expert, I did the following:

• uninstalled a whole bunch of programs that I no longer use
• ran Norton Utilities to check for registry problems
• scanned the hard drive for errors
• verified that all available patches have been installed
• make sure the startup folder was empty

Blah, blah, blah…I could not eliminate the problem. So I eventually chose the option that let Windows revert back to the last known good configuration.

After choosing this option, my system came up in this horrible VGA mode and I had to re-install the device driver for my video card. After that, the bootup problem went away.

So my computer has worked perfectly for a few weeks, until I got this Worm/Virus thing.

My Theory

My theory is that when I told Windows to startup using the last known good configuration, it backed out my display drivers along with some or all of the Windows Updates. This is why my system was vulnerable to the virus.

The problem is, I don’t know WHICH patches are or are not installed now. When I view the installation history on the Windows Update site, it shows that I have installed every available patch. But that cannot be true, because the Worm only infects systems that do not have the appropriate patch.

Oh well. I’m not really looking for advice at this point. This is just one more little nudge pushing me closer to Macintosh for the next big computer purchase a year or two from now.

Yesterday, I wrote a weblog entry in which I compared Olestra, the California gubernatorial recall, and the latest Microsoft security hole. And I suggested, albeit in an offhand way, that it was only a matter of time before Tim O’Reilly declared his candidacy.

When I said it, I was joking.

But after posting it, I began to take the joke more seriously. More precisely: what I’m taking seriously is the idea that someone from high-tech should run for governor.

This grows out of a long list of thoughts. Here they are, in no particular order:

• No major political figures are running. Aside from the current governor, the current candidates list consists entirely of second, third, and fourth raters (note that I’m not certain of this because it’s hard to find a complete list of candidates). The biggest name is either an aging film star (and it’s not Clint Eastwood, who at least has some political experience) or a former mayor who didn’t impress anyone the last time he ran for governor. Moreover, a lot of the political speculation seems to center around how long it will take before someone worth voting for enters the race. I’m just not impressed with the current possibilities.
  

• Many of the most compelling political debates center around technology. Is it just me, or is technology playing an increasingly central role in society? We’re all talking about, and legislatures are legislating on, technological issues. Why not insert some actual expertise into the center of that debate?
  

• The computer industry is California’s biggest industry. We’re a huge part of the economy, we’re in a downturn still (does anyone believe that things will get better real soon now), and we’re not part of the debate. No candidate has said anything like “I’d revitalize the software industry by …” (again, subject to the fact that I don’t know who most of the candidates are). The fiscal crisis is important, granted. But most of what I’m hearing is embarassingly juvenile (on both sides). Let’s talk about important things. Like, for example, the currently depressed state of the largest industry in California. Or the continued impact of outsourcing technological development to foreign countries. Or … something. Let’s talk about actual issues.
  

• A “technology candidate” would put the focus on the future, instead of the embarassing partisan squalling and total government ineptitude that got us here. Let’s talk about what California can be, instead of pointing fingers over the current mess.
  

• High tech has a significant number of senior leaders. People who are moving on to the elder statesman role, but who have managed large companies through hard times. Brilliant, visionary, with significant executive experience and looking for their next challenge (or a graceful way to end their career). If an aging action star can be taken seriously, then we have a plethora of truly over-qualified candidates.
  

• [insert reasons here]

So who should it be? Without taking too strong a position, I will just state that, should

Andy Grove

run, I will not only vote for him, I will contribute money to his campaign fund. He’s brilliant, he’s run large organizations in hard times, he understands technology and technological industries at a deep level, and he understands, as an immigrant who fled a horrifying dictatorship, what America is fundamentally all about.

I also hereby promise that, no matter what, I will not vote for: Gray Davis, Richard Riordan, Arnold Schwarzenegger, Willie Brown, Dianne Feinstein, Barbara Boxer, Arriana Huffington, Michael Huffington, William Simon, Bill Lockyer, Phil Angelides, or Darrell Issa.

Who else from our industry would make a good governor for California?

Is it just me or is the news this weekend flying off into the realm
of the absurd. Today, for example…

• Olestra, the fake fat that introduced the term anal leakage
  to our lexicon (scan down for entry 4 if you need to know about anal leakage. It’s worth reading, if only for the priceless observation that “Snacking should be a pleasure undiluted with problems like dirty underwear”), has been
  officially
  declared safe by the FDA
  

• Over 300 people have declared their interest in becoming governor of California
  this fall. Including Larry Flynt
  but not, at least not so far, including the sage of Sebastapol.
  

• The Department of Homeland security, mere weeks after
  standardizing on Microsoft products for both their desktops and servers, has realized that the decision might have security implications.
  Of course, it appears that the Department of Homeland Security never really took standardizing on Windows all that seriously anyway

Related link: http://www.intellij.net/eap

Creating IDEA Projects Just Got Harder

Last night I decided to play around with Java generics. The easiest way to learn, in my opinion, is with a good editor that quickly highlights syntax errors. Of course, I am talking about IDEA. Currently, only the early access version (build 876 at the time of this writing) supports generics. So I downloaded this version and started getting ready to code my heart out. But something happened…

Where Is The Classpath?

Okay, I have long been an advocate of IDEA, and let’s face it, it is the best IDE out there. I am sure we all have our favorite IDEA features, but I would like to point out one in particular: the simplicity of creating a project. I can setup a project in a matter of minutes (as long as I know where everything is at). When setting up a project IDEA uses terms like:

• Project
• Sourcepath
• Classpath

All Java developers know what goes on the classpath (or at least they should). Most developers can quickly figure out what the sourcepath is for. Even the project path is self-explanatory. So what is my point you ask? Well the folks at IDEA changed how a project is created and maintained. Now we have terms like:

• Contents
• Libraries
• Add Classes
• Attach Classes
• Add Named Library
• Add Global Library
• Add Project Library

Things were a lot simpler when I just had a classpath. I am also really curious on the difference between Add Classes and Attach Classes. They sound similar, don’t they? I guess I could read their documentation to find out, but remember before I was just dealing with the classpath. I guess that Add Classes adds new files to the classpath, and perhaps Attach Classes attaches classes to, well, uh… I don’t know.

What Can The IntelliJ Folks Do?

I enjoy providing suggestions when ranting. My suggestion to the IDEA folks is to give us a simple way to create a project. I want a classpath, sourcepath, and project path. I want to code, not think about how to elegantly setup an environment in an IDE. I’ll use Ant to create a pristine development environment. I want IDEA to let me code.

I must end on a positive note. IDEA still rocks! The new features that are in the latest build are really slick. The UI is very responsive, too, despite the occasional error dialog. I still recommend IDEA to all Java developers. Of course, the price has gone up considerably. I just hope I am able to afford the upgrade for the next release. Perhaps they’ll give me a discount. ;-)

Many people have noticed that the web is growing in total size (as measured in the total number of pages). Very few people have publicly noticed that the web is also growing in effective size, because people are reading more web pages. I think we’re all reading more web pages than we were reading a year ago, and we’re reading more web pages than we expected to (that is, if you had polled people a year ago, and asked “How many web pages will you look at on July 31, 2003,” I think the answer would have been a significant underestimate).

This is actually a problem.

Better minds than mine have noticed the incredible pace at which information flows by in the modern world. We’re deluged in information. It’s hard to cope with the volume, it’s hard to make connections between the various bits, and it’s very very hard to figure out what’s important.

Hell, I can’t even keep up with the J2EE specs.

My “favorites” list in Internet Explorer has over 1,000 websites. There are 20 top level categories.
The “weblogs” category, which is a top-level category, has approximately 100 weblogs, most of which change at least once a day (and most of which I visit at least twice a month).

This is too much information. Things flow by, they get registered in fleeting glimpses, and then they’re gone, leaving only a tiny subconscious wake to show they’ve ever been there.

And then along comes something like RSS. If you don’t want to read that FAQ, here’s the short version: RSS is like a card-catalog for the web. It’s an XML feed that tells you a little about a web page, including when it last changed. And aggregators like NewsMonster take full advantage of this, to let you monitor the web as it’s changing.

Purists will argue about which version of RSS is the right one, and which one they should use. There’s a faction out there right now that’s creating a fork in the RSS universe, allegedly because RSS isn’t quite flexible and powerful enough (but it’s happened before and most people are yawning and saying whatever).

That’s mostly noise. Here’s what’s really true and important about RSS: It increases the rate at which information flows by and it decreases the number of times you read a web page twice.

RSS makes the web more addictive; it helps make sure we only get new-to-us information, and that we get that information when it’s fresh.

RSS is impressive; it’s a simple spec that makes a lot of new functionality possible.

I’m just not sure that the side effect, of accelerating the rate at which we turn into into information junkies, is necessarily a good thing.

Seen any other neat technologies that you have reservations about?