lucky13

I downloaded a ton of tech-related podcasts over the weekend. Some of them were older but still informative, others were more recent and not exactly worth the time or bandwidth it took to listen to them. I’m still going through them. Some merit more ear-time than others.

One of them seemed promising by its name: Productive Linux. I think I downloaded two or three episodes. I stopped the first one I listened to and forwarded to the next when the host started spelling out commands and options for editing Firefox chrome. The last thing I want to hear when I’m running at 4:30 in the morning is a spelling lesson. No thanks, next.

Then I got his review of Absolute Linux, one of the smaller and easier to set up (Slackware is NOT hard to set up — read the documentation and it’s quite easy) Slackware-based sub-distros suitable for older computers. Once I got past the host’s prattle about how “clean” and “vanilla” and “stable” it felt (compared, pray tell, to what?), I got the substance of his review and impressions.

First, the host very obviously didn’t bother to read the Absolute site because — RIGHT THERE ON THE FRONT PAGE — it very clearly mentions that it uses Slackware binary packaging:

Accepts packages made for same Slackware Version, so you can use Slackware software repositories.

Duh. Nobody reads anything anymore. Oh, and the bold and underlined emphasis is mine. I’d make it blink but wordpress doesn’t support it. TG.

So I then got to listen to him go off on a tangent about compiling. Yes, you can do that with Slackware because its base is very complete with the most oft-used libraries. But it’s untrue that Slackware requires compiling your own apps because Slackware does have binary packaging.

Then we got into his likes and dislikes. He was disappointed that it didn’t come with audacity. So? How does that relate to productivity? That’s available from the official and many of the unofficial Slack-package sites and repositories. He also didn’t care for the wallpaper or default GTK theme. What was the first application he compiled? A switcher for GTK themes. So productive. I then endured more talk about themes. Productive? Not IMO. He berated the sparse choice of included productivity software. Never mind anyone can get the most current version (that would be the one with the most recent bug fixes and security patches) of Open Office from the Open Office website or from (duh) Slackware’s repositories.

I was about to end this attack on my ears and my intelligence when the host said that the version of Absolute he was using was a release candidate. Oh, nice.

It would’ve been nicer to know that before listening to what an ‘unfinished’ product he thought it was. I wouldn’t have wasted my time. I would’ve been more productive.

EDIT: I realize what I wrote probably seems harsh, but I thought the review was overly critical especially considering it wasn’t RELEASE and because he started with a presumption that isn’t even true (binary packaging).

I take exception, too, to the prevailing standard too many reviews have for distros: that their initial mixes of application are how they should be judged. I think that’s bullshit because anyone can take distro X, change a few apps around, and call it distro Y. Look instead at their paradigms — what do they do differently than the others? In the case of Slackware, it’s about keeping things as simple and straightforward (in the Unix sense) as possible. In other distros, it’s about package management (after all, Debian is aiming for neutrality and has compatibility with other operating systems like FreeBSD and GNU Hurd). It’s not what it comes with but how you use it and what you can add and why. Tell me that, don’t tell me it still uses version A.B.C instead of A.B.D of some application. Tell me why it exists, why its developers do things in certain ways.

I also admit I don’t get the relationship between things like themes and productivity. I’ve edited many themes for jwm for DSL — not because that matters so much to me but to help reduce the noise from people who thought DSL wasn’t aesthetically attractive. As we’ve seen with DSL, it doesn’t matter how many themes you offer or how much you dress it up, people are going to grumble anyway. THAT’S WHY THEMES AND WALLPAPERS CAN BE CHANGED. IT’S SUBJECTIVE. IF YOU DON’T LIKE DEFAULT SETTINGS AND THAT’S GOING TO CAUSE YOU TO WHINE, CHANGE IT. BUT IS THAT REALLY THE MOST IMPORTANT THING ABOUT JUDGING HOW DISTROS ARE DIFFERENT?

That’s why I wrote fairly harshly about that particular podcast. Maybe the rest of his stuff is worth listening to, maybe it’s more of what I heard. When I think of “productive,” I think of substance. What little substance he had was misleading (Slackware does have binary packaging and Absolute Linux uses it) and the rest was about stuff that really doesn’t matter.

DSL 4.3 is out. Perhaps the most noteworthy change is the upgrade to Firefox 2.0 GTK1 (Bon Echo rebranding) from Firefox 1.0.6. Edit: There are other changes that deserve comment. The browser for MyDSL is now very much improved. The noicons cheatcode will now boot jwm without icons (in addition to not starting dfm on the desktop); this speeds things up quite a bit even though it’s primarily targeted at vintage low-RAM computers.

There are some things about it I don’t like. The first is something subjective and very easily changed: the default theme and wallpaper are too freaking dark. I’m also not a fan of black and white, and that’s essentially the color theme for jwm. This is a shot with Firefox opened all the way hiding the background save for the overlaying aterm. I’d already made some changes to remove the icons from the tray buttons and moved the tray to the top when I took the shot.

My biggest peeve of all is the search engine choice. Not choices, choice. It’s a Google search through DSL’s site. How many concerns do I have about that?

1. Privacy - are click-throughs being recorded? What’s John’s privacy policy for both DSL and Google searches through DSL?
2. Given DSL’s recent downtime and slow responses (see two or three entries ago), will this mean users will ultimately have to type google.com in the URI box anyway just to use Google?
3. Why should users have to go to the Firefox add-ons site to get standard choices for search engines?

Like I’m about to add in the DSL forums, that’s going to be easy enough to fix because I’ll download the GTK1 build of Firefox 2.0.0.14 anyway and just start with a fresh profile. But I think it sucks that someone would direct my searches through his site first. See what I wrote about Vector’s default settings so that every new browser installation or upgrade hits their website. Boo.

I (re-)installed Opera 9.5 beta 1 on my laptop.

Opera is free, but it’s not open source. In addition to having to accept any and all risks associated with using Opera on my computer, I had to acknowledge that I won’t use it to control aircraft or air traffic or in communications with aircraft (though it just dawned on me, I wonder if this include any spaceships from SETI@home — tg I don’t participate in that or else I’d have to stop using Opera).

I reluctantly agreed, too, that I won’t use Opera to design, construct, operate, or maintain any nuclear facility. I’m sure that will come as a great relief to my neighbors. I’m not so crazy about trading off my rights like that but that’s one of the prices I have to pay to use Opera.

Apple includes a EULA with iTunes and QuickTime that’s even more restrictive, forbidding the use of their software in any WMD program — nuclear, chemical, biological. Nazis.

Mozilla fixes 10 Firefox flaws, half seen as ‘critical’:

Mozilla also patched potential identity leaks, spoofing bugs and cross-site scripting vulnerabilities in 2.0.0.13. But the fix that caught Storms’ eye was detailed by 2008-18, a fix for LiveConnect, a feature that harks back to Firefox’s predecessor, Netscape Navigator. LiveConnect lets Java applets call a Web page’s embedded JavaScript, or JavaScript access the Java runtime libraries, and it is used by both Firefox and Apple Inc.’s Safari 3 browser.

“Sun has updated the Java Runtime Environment with a fix for this problem. Mozilla has also added a fix to LiveConnect to protect users who don’t have the latest version of Java,” Mozilla said in the advisory.

“Here we have Firefox putting out a mitigation step for a bug in Java,” said Storms. “It’s a welcome addition when one vendor can help out another.”

All 10 vulnerabilities were also patched by the SeaMonkey Project, a separate open-source initiative that develops a multifunction browser suite.

The Thunderbird e-mail client, meanwhile, is affected by the five critical flaws listed in 2008-14 and 2008-15. “Thunderbird shares the browser engine with Firefox and could be vulnerable if JavaScript were to be enabled in mail,” read the first of the two bulletins. “This is not the default setting, and we strongly discourage users from running JavaScript in mail.”

A release date for Thunderbird 2.0.0.13 to fix the flaws has not been set. According to David Ascher, the head of Mozilla Messaging, the e-mailer’s update will follow Firefox’s by “several weeks.” In a post to his blog last week, Ascher cited several reasons why a simultaneous release of Thunderbird and Firefox updates was impossible. “Some of those resource contentions are due to not enough automation for the Thunderbird release process, and some of it is the consequence of not enough people with the right training,” he said.

Ascher defended the lag by noting that while JavaScript is turned on by default in Firefox, it is not in Thunderbird. “We could delay releasing Firefox until Thunderbird was ready, in the interest of mitigating the risk of someone using knowledge from the Firefox release to try and attack Thunderbird users,” said Ascher. “But that would mean leaving over 150 million users vulnerable. So, applying the correct math, we release Firefox security updates as soon as possible, and Thunderbird security updates as soon as possible.”

Nice that the Firefox people can help cover Sun’s asses but not Thunderbird’s.

I read an article that the Mozilla folks are so proud of Firefox 3 beta 4 that they’re encouraging it for average users. So I decided I would give it a spin.

I downloaded the tarball and set it up in /opt. From a console, I opened it up. I got the first box asking if I wanted to import my bookmarks and settings from Seamonkey (which was installed by default in Vector, and which I manually upgraded rather than using their package because I didn’t want to slow my computer down with all the slick Vector imagery — an issue which I’ll address soon). I did. It then announced my settings were brought over and asked if I wanted the Mozilla search page or my existing home page. I selected my home page.

Then the fun began. Some Arabic writing appeared on the window title bar. And in the tab. My first concern was that I had downloaded an Arabic version instead of the American English one. Looked at it. Umm, nope. Got the right one.

Vector apparently opens to their website when browsers are fired up the first time. That’s another peeve of mine — when someone insists on including configurations that direct me to their sites (you think six links to different parts of the site aren’t enough? am I really important enough to count me when I run seamonkey and firefox the first time?). In the process I found out their site’s been hacked.

This is a later shot when I realized what was going on (and I left open a tab when checking on this to make sure the file I downloaded didn’t have any known issues). But you get the point.

When I realized what was going on, I decided to open the site in dillo and that’s when I found out the criminal did a bit more. Dillo displayed it, Firefox resulted in a 404.

Anyway, hitting a hacked site because the distro I’m using includes a hit to that page in the default install even if I don’t use their packaging has given me a more negative impression of Vector than Firefox. I’m sure others who are using Vector for the first time this evening have the same impression — maybe worse.

I haven’t had time to weigh how much better Firefox 3 behaves with respect to memory, nor have I had time to delve into any new features. So far I see a familiar interface that handles things identically to earlier versions. I’ll have more time this weekend to try it out.

InterActiveCorp bought ask.com and affiliated sites for nearly $2.5 billion two and a half years ago. They thought they could play hard against Google. Nope. Now they’re laying off forty employees and turning ask.com into a niche search engine aimed at married southern women looking for recipe and hobby information.

Ask.com scales back in makeover:

The decision to cater to married women primarily living in the southern and midwestern United States comes after Ask spent years trying to build a better all-purpose search engine than Google.

Meanwhile, Yahoo and Time-Warner are involved in talks to fend off Microsoft’s bid for Yahoo. The deal would have Yahoo acquire Time-Warner’s AOL division and Time-Warner would take a stake in Yahoo.

Did IPods Cause a Crime Wave?:

It’s easy to see why iPods would be alluring targets for criminals: The music players are valuable and easy to resell, and people absorbed in their personal soundtracks can be vulnerably oblivious to their surroundings. But could the temptation for stealing iPods be so strong that they’re behind an increase in the crime rate? Researchers at [the Urban Institute] say yes.

I’m trying to decide which part of this I find dumbest. That thieves prefer iPods to better devices, that a think tank would hold panel discussions about this subject, or that the think tank’s solution would involve “technologies that would render stolen gadgets useless” — which could mean you’re screwed if you ever forget your own pass phrase.

NOW FIX IT FASTER THAN THE DISRUPTION LAST APRIL.

Here are two cellular related articles. The first is about a guy who didn’t understand his terms of service, the other is about spammers and public interest groups taking on Verizon for blocking unsolicited text messages. Filed under “just plain dumb” because ignorance isn’t an excuse to avoid obligations and because I don’t think carriers and their subscribers should have to subsidize those who send unsolicited text messages.

Piotr Staniaszek of Calgary, AB, didn’t read through his cellular service agreement and thought “$10/month unlimited mobile browser plan” added on to his service meant that he could connect his computer to the phone to download high-def movies and other sizable content. The contract specified that the unlimited browsing applied only to the phone. He was charged on a per kb basis when the phone was connected to his computer.

I believe in buyer beware and that users are responsible for understanding their agreement terms. And I do in this case. It’s his fault for not reading and/or understanding the terms of service. Though I wouldn’t absolve him of anything for his ignorance, I do agree with his point (quoted below): if phone companies turn off service for being late on a few dollars, why would they allow $85,000 bills to be run up without notifying the customer?

Canadian hit with whopping 85,000-dollar cellphone bill:

“The thing is, they’ve cut my phone off for being like 100 dollars over. Here, I’m 85,000 dollars over and nobody bothered to give me a call and tell me what was going on.”

Bell Canada offered to reduce the bill to CA$3243. It’s a very fair gesture, in my opinion, but Staniaszek won’t take them up on it. He wouldn’t want me on his jury.

Should Cellular Services Block Unsolicited Text Messages?:

If the FCC grants the petition [filed by various interest groups], it would open up mobile phone networks to millions of pieces of text spam, Nelson added. Verizon Wireless currently blocks between 100 million and 200 million unwanted text messages advertising pornography and other products, he said. Text messaging in the U.S. would quickly become “unusable” because of all the unblocked spam, Nelson said.

My answer to the question is, YES. Carriers are under no obligation to provide unfettered access to those sending unsolicited messages across their networks. It ends up costing their paying customers millions of dollars a month, and it also costs the companies money as they cancel charges to customers who object about receiving unsolicited text messages.

If those interest groups and spammers want unfettered access to send text messages to cellular subscribers, let them figure out a way to pay for that content so the subscribers don’t have to subsidize their spamming activities. Also require an opt-in for those who actually want to receive unsolicited messages.

Forgive me, I know this isn’t tech-related. But it’s great news. Food Network is canceling Emeril Live. More Giada De Laurentiis, please.