mkj musings

It isn't often that I find myself checking snopes before posting about something that happened to me. As in never. Until now.

I was heating filtered water in the microwave oven for tea, in a glass mug. It seemed to be taking a long time to boil (I wanted strong tea, so I was going to steep it just off boiling). As I peered through the microwave's window, there was a muffled explosion, and boiling water and steam spewed out of the microwave. I immediately turned off the microwave and tentatively opened the door. 90% of the water was no longer in the mug. Some of it was still in the microwave; the rest was on the cupboards and floor.

I immediately googled "microwave exploding water" and found that the first hit was a snopes page (True!), the second a link to Steve Spangler Science with more confirmation, and the third hit was a mythbusters video showing exploding water in slow motion.

Wow, I'm glad that happened before I opened the microwave door. It was more likely to have happened when I moved the mug or dropped tea into the water, so I count myself lucky.

So, a Public Safety Announcement: If you are microwaving water, especially filtered water, add a wooden stir stick or some other non-metallic object to provide a nucleation site to prevent superheating and possible subsequent scalding.

posted at: 21:15 | path: /psa | permanent link to this entry

tl;dr

I can stop doing cryptic crosswords any time I want to. I just don't happen to want to right now.

In Fall 2009, my wife finally succeeded in her long attempts to get me to start doing crosswords. As a child, I once filled out a newspaper crossword that advertised a $100 prize and sent it in, confident in my newfound wealth. I was bitterly disappointed when the next week's paper came out with no mention of the crossword having been solved, and indeed no money arrived. I decided that crossword authors were capricious and gave up on the genre.

My wife's help was really important. I learned about "crossword words;" she would look at a clue and give me a word that I'd never heard. I would blink and ask her what it meant, and she'd just say "I don't know; it's a crossword word." I learned that any clue in four letters that references a dog in a movie is about 85% likely to be Asta (from the Thin Man movies); 10% likely to be Toto (I don't think we're in Kansas anymore), and 5% something else, and if you have only one crosser in the third letter you just can't fill it in until you get one more crosser, though you can guess at Asta and see if it helps you with any of the crossers. I learned, also, that you are expected to have an encyclopedic knowledge of Broadway, the silver screen, and popular music; including the winner, runner-up, and second runner-up for every award ever given in any entertainment venue. Blah. I know next to nothing about popular entertainment culture.

After we had finished one book full of NYT dailies, I griped to a co-worker (Thanks, Andy!) about all the required esoterica, and he introduced me to the cryptic crossword, in which each clue is a word puzzle. He told me to get a book that had an introduction to how the word puzzles worked.

By sheer luck, I happened on what I believe is the absolute best book to start with: Fraser Simpson's 102 Cryptic Crosswords. Fraser Simpson, a Canadian math teacher, is one of the most stringent practitioners of a strict rule for making each word puzzle fair. He gave this newcomer to cryptics the ability to trust that the clues would make sense, so that I didn't throw it down in disgust.

I heartily recommend Simpson's work for getting started. After his "102" (all of which he constructed), I would suggest 101 Cryptic Crosswords: From the New Yorker which he edited. The style isn't quite as consistent, since he's the editor, not the sole constructor. Getting used to the different styles is an excellent way to launching into more cryptic crosswords.

From there, there are really two ways to go. There are two basic schools of thought in cryptics. One tries to stick fairly strictly to the rules of fairness set out by "Ximenes" (Derrick Somerset Macnutt), and the other is rather looser. In the stricter school, if the solver has to understand that you are using a word with an invented meaning or as a pun, the constructor (or "setter") is expected to tell the solver (normally with a question mark). In the looser school, you are just expected to figure out that (for example) a "flower" might be a river (because it flows) or a "banker" might be a river (because it, um, has banks), so that "italian banker" would "obviously" clue "po". In practice, there are perhaps a few hundred or few thousand of these odd constructions that solvers just memorize, as an esoteric jargon. In my opinion, this detracts from the beauty of the puzzles while making them less accessible, and is a concession to setters who have trouble coming up with better clues.

If this has piqued your interest, I strongly recommend the two Fraser Simpson collections, and then after that, there are several possibilities:

• Theresa Cunningham wrote the best online description I've seen yet on how to solve cryptics.
• Ron Sweet (Kegler) has puzzles online at various difficulty levels, including some introductory puzzles originally written for children and great for learning.
• The crosswordfiend.com Cryptic Crossword forum, where several amateur and a few professional cryptic setters hang out and work on clues together. (The original members were the "Cryptic Cru" from the now-defunct NYT puzzle forum.)
• The NYT puzzle forum's Cryptic Cru had a long-running workshop, with 238 puzzles available.
• Alberich, a professional British compiler, hosts a growing online collection of freely-downloadable cryptics.
• For a few years (1998-2000) the occasional Team Cryptic Crossword Construction Competition was held on the rec.puzzles.crosswords newsgroup. The puzzles are still available. Some of the clues are not quite fair; the nature of a competition is that some are better than others!
• On Android, Shortyz is probably the best crossword application, can be set to automatically download Kegler and Cru Cryptic Workshop puzzles, and is open source.

posted at: 21:30 | path: /words | permanent link to this entry

I have found myself reading Adobe's AMF3 specification, and trying to read their ABNF grammar for AMF3. Unfortunately, Adobe have seen fit to format their nesting in arbitrary ways that make it hard to read. Here are two examples from the specification (which has not been touched since 2008, to the best of my knowledge):

array-type        =   array-marker (U29O-ref | (U29A-value
                      (UTF-8-empty | *(assoc-value) UTF-8-empty)
                      *(value-type)))
...
object-type       =   object-marker (U29O-ref | (U29O-traits-ext
                      class-name *(U8)) | U29O-traits-ref | (U29O-
                      traits class-name *(UTF-8-vr))) *(value-type)
                      *(dynamic-member)))

Line breaks in arbitrary places do not make the ABNF any easier to read. (Line breaks in the middle of a terminal are also in poor taste.) If you count the parentheses in the object-type definition, you will find that there are two extra closing parentheses. This is not optimal for a grammar for a binary language that is supposed to enable interoperation.

If the specification authors had used logical layout, this would have been completely obvious:

array-type        =   array-marker (U29O-ref |
                                    (U29A-value
                                     (UTF-8-empty | *(assoc-value) UTF-8-empty)
                                     *(value-type)))
...
object-type       =   object-marker (U29O-ref |
                                     (U29O-traits-ext class-name *(U8)) |
                                     U29O-traits-ref |
                                     (U29O-traits class-name *(UTF-8-vr))
                                    ) *(value-type) *(dynamic-member)
))

I guess it should surprise no one that a long-time Python programmer would suggest that literal layout influences both readability and comprehensibility.

I guess I should also rant that the specification says that the grammar is specified in Augmented Backus-Naur Form, and explicitly references RFC2234 (since obsoleted by RFC4234, then by RFC5234), but then uses the vertical bar character | when RFC2234 clearly states that alternatives will be presented with a solidus (forward slash) /. However, we're all used to | from BNF and EBNF, so I can forgive that more easily...

posted at: 14:01 | path: /rants | permanent link to this entry

tl;dr: good job!

Last month, I blogged about my new treaddesking experience on my new Livestrong treadmill. Among other things, I said:

The annoying squeaking that the treadmill made when I first turned it on is getting quieter. If it doesn't go away entirely, though, I need to call the manufacturer.

The squeaking, while quiet, didn't go away, and the manufacturer's web site said that it shouldn't squeak and to call customer support.

I was not excited about the idea of calling customer support. I imagined long wait times followed by sceptical or powerless customer support agents.

Imagine my surprise when the agent took me seriously, and after I described what I had checked so far offered to immediately send out a new motor, apologizing that it would take a few days. I asked for more things I could check first, because I didn't want to make them send a part that would turn out not to be the right thing, and so she gave me two more things I could look at if I wanted. This involved removing some screws and temporarily taking things apart, and there were no warnings that by doing so I would be voiding my warranty. What a refreshing change from "no user-serviceable parts inside!"

I called back a few days later to confirm that I had checked the things we had discussed and to ask whether there was anything else I could do. I got a different customer service representative this time, but he was just as helpful as the first. He said no, nothing else to check, they'd happily send me a new motor and then have a technician come to my house to install it after it arrived. I asked if it would be OK if I installed it myself, and he cheerfully agreed to include an instruction sheet and said that was just fine for me to do the installation myself.

I now have a quieter treadmill.

posted at: 10:16 | path: /raves | permanent link to this entry

Months ago, my eldest daughter accidentally broke the glass turntable tray in our microwave oven. I quickly googled the part and determined that it was almost $80, plus shipping and handling; I showed her the price, and inverted a dinner plate in the microwave to hold food up at the right level, though the food no longer rotated. I meant to order a new one quickly, but somehow there was always too much else to do.

My wife made it clear that priorities had changed, so I again googled the part number, and was pleasantly surprised to see the part available for $37 instead of $80, though the discrepancy made me wonder whether there would be something wrong with it. Also, it was from one of those specialty hostnames that always make me wonder. But the site looked otherwise ligit, so I gave www.microwaveglasstrays.com (really, Martin Microwave in Chattanooga, TN) a try.

Since it seems that people normally report only bad experiences, I'd like to report instead that Martin Microwave shipped the part immediately, very well packed. Not only did they have the lowest price I could find, they also shipped quickly and well.

I'm hoping not to need to be a repeat customer soon—my daughter promises to be more careful!

posted at: 15:17 | path: /raves | permanent link to this entry

In December, Steelcase loaned rPath a "Walkstation" for a week. This is a basic treadmill with a desk attached that has motorized height adjustment. Unfortunately, it is very expensive ($4200 is the lowest I've seen), maxes out at 2 miles per hour, has a small tread area, has no incline capability, and the retractable console for controlling the treadmill has sharp edges. It beeps loudly whenever you press a button, and the treadmill isn't the quietest I've heard.

Despite these shortcomings, I was quickly hooked, to the disgust of some in the office, who were annoyed by the constant noise of the tread even more than the occasional beeping. (The Walkstation had to be moved about the office several times due to complaints about the noise.) A few other people were interested, so I couldn't walk all day, I had to let other people use it too. But although I wanted to walk a bit faster than 2 miles per hour much of the time, I noticed on my first day trying it that I was particularly productive while walking and coding. I have noticed that when I'm trying to work out a knotty problem, I often get up and pace energetically. This way, I was already pacing!

I am ready for a lifestyle change. I spend way too much time sitting down, and almost every evening I find some important work to do and put off exercising until the next day. And the next. And so on and so forth. I like to walk. I like my work. I finally know how I can put these together!

Over the past month, I've done as much research as I could online. I also spent a few hours in stores walking on different treadmills. I compared cost and features, and learned about how treadmills work and what separates different models. You might think that if you are mainly going to walk, not run, you really are not putting much stress on the treadmill and can get by with a cheap unit. Unfortunately, I read that this is not the case. Low-power motors have trouble going slowly smoothly, and they can overheat when run for a long time, shortening their lifespan. Also, within their capabilities, they tend to be louder for the load they are carrying. At least, that's what I read. Maybe I'm just a sucker.

Sunday afternoon, I bit the bullet and bought a midrange treadmill: 3 continuous horsepower, 20"x60" belt, reasonably quiet. The box was over 300 pounds. Sliding it into the house was not that hard. My idea was that we would carry the individual pieces upstairs, and I'd assemble it there. Unfortunately, the heaviest piece was too heavy for my wife and I to carry together up the stairs. So we now have a treadmill assembled in our entryway, and I have been working in the entryway for several hours per day.

I'm hooked.

Also, I've been learning. Here are a few things:

The annoying squeaking that the treadmill made when I first turned it on is getting quieter. If it doesn't go away entirely, though, I need to call the manufacturer.

I think that I want a higher desk than most treaddeskers do. The pile of boards and books on which I've placed my laptop is at least six inches thick, resting on the treadmill arms, and I could maybe use another half an inch, without any incline on the deck. I'm waiting to build something more permanent until I have some more experience. The TrekDesk does not appeal to me; I really need only enough space for a laptop, cell phone, and maybe a mouse. Getting a unit with a long deck gives me the flexibility to have enough desk between me and the console.

I may need "technical" clothing if I'm going to do this for 2-4 hours at a stretch. I have experienced some chafing, which surprised me because it isn't a problem when I'm walking normally, even when I'm walking for hours. Probably the fact that there aren't any turns in the road has something to do with this; it's just more repetitive. I also need good walking shoes. With my loafers (my normal footwear), I've been doing an hour in shoes, followed by half and hour to an hour in stocking feet, then back into shoes, but I really need something a bit better.

I have to compete with the kids for treadmill time. DD8 has spent an hour in a day on it, half of it running (I had to insist that she not run 5-6 miles per hour while reading, which just didn't seem quite safe to me); DD6 and DS3 both seem satisfied after about 20 minutes.

I'm ready to move this thing to a more permanent location!

posted at: 22:53 | path: /raves | permanent link to this entry

My father, an internist, has been self-publishing a short collection of stories on death and dying called Kind Farewells; each tells a story from his medical practice about a death that touched him, and others, deeply. So far, he has listed the book on lulu.com in hardcover, softcover, and PDF download formats. Recently, he decided that he wanted to offer it in various e-book formats as well.

This shouldn't be hard. He wrote the book in OpenOffice; the two most common ebook formats (epub and mobi) are both collections of HTML files; OpenOffice is able to export to HTML; and the Calibre tool is freely available to convert into many formats, including epub and mobi. So this should be a matter of choosing whether to export the HTML as a single file or as one file per chapter, converting it in Calibre, reviewing the converted content, and posting the file to Amazon's Digital Text Platform to make it available on the Kindle, Barnes and Noble's PubIt! to make it available for the Nook, and any other e-bookstores that are easy to use and allow individuals to publish books.

He asked for some help.

In practice, our biggest difficulty was OpenOffice.org HTML output formatting. We encountered two kinds of problems. The first was a simple bug; after the closing </html> tag, OpenOffice appended a few lines of seemly-random text from within the file. The second was that the conversion was clearly intended to preserve as many WYSIWYG elements as possible, which clashed badly with the constraints of ebook displays.

I ended up using the Python lxml module to write a short script which I made available on bitbucket to clean up OpenOffice.org HTML output for use in an e-book. I'm not intending to do active long-term maintenance of the script, so I encourage anyone who needs to modify it to fork it on bitbucket. If you use the "fork" button on bitbucket, the fork will show up on the main page for other people to see.

When I run the script, in order to make sure that the changes are only to the styling and do not modify the text of the book, I compare the output of lynx -dump before and after processing using diff -u. Since lynx does not honor CSS (as far as I know), my CSS changes have no impact on the output, and therefore bugs in my conversion script stood out as differences in the output from lynx.

The script isn't particularly quick; I intentionally wrote it to use XPath and multiple passes to make it easy to understand, edit, and modify.

The end result: While Barnes and Noble has taken days and still has not made Kind Farewells available in the NOOKstore, it showed up in less than a day on Amazon

posted at: 11:13 | path: /words | permanent link to this entry

Yesterday, I blogged about why I was happy I bought Samsung cell phones.

Today, I got confirmation that Samsung seems serious about open source on an ongoing basis, and I'm even more encouraged.

posted at: 16:12 | path: /raves | permanent link to this entry

Briefly:

• Started to play with the Galaxy S (GT-I9000) phone Harald Welte reports that Samsung is going a good job of living up to its GPL requirements for its Linux-based Android phones, including the Galaxy S series.
• GPL violation reports in HTC G2 Android phone Harald Welte discusses a long string of GPL violation issues on HTC's part, including their willful and acknowledged flouting of the GPL.
• HTC Willfully Violates the GPL in T-Mobile's New G2 Android Phone Steve Schultze quotes HTC directly admitting that they do not follow the GPL, pretending that withholding source code is acceptable under the GPL.

The longer version: Not quite two years ago, I bought an HTC-built AT&T Fuze phone—my first running Windows—because it was the only phone I could get at the time that gave me 640 x 480 pixels on the display and sufficient external storage; enough to reasonably use as a backup device to hold a full set of approach plates so that if I for any reason did not have the correct approach plates available for my flight, I could pull out my cell phone (with the cell radio off, of course!) and use it to get at the information I need to safely land in instrument conditions.

It was a so-so experience. The interface was clunky, but at least the platform wasn't locked down; if only because Microsoft wasn't good enough at the time to make a platform that could be locked down effectively... I could download a few apps for it that made it sufficiently usable, and I could put up with its quirks. But it certainly didn't make me fall in love with Windows, or with Microsoft as an OS provider.

I tried a community build of Android on the Fuze, and found that even without HTC's help, Android was smoother, quicker, more usable than winmo. There were enough missing things, and battery life was bad enough, that I clearly wasn't going to be able to just use the Fuze as an android device, but it was enough to make me want to get an Android device for my next phone.

I considered buying a new larger HTC-built phone (I wasn't sure which to pick, and was waiting for the next batch of Android phones from HTC) and the smaller HTC Aria for my wife. Fortunately, I did my research and discovered that HTC was withholding infomation on the Aria, making it a hard platform for the wider Android development community to support, and clearly not living up to their GPL commitments in general on their Android phones.

The fact that Harald Welte, who is careful, thoughtful, and knowledgeable about the GPL (including a long history of successfully enforcing legal actions against companies that violate the GPL), says that Samsung has done a good job of living up to its GPL obligations was the number one deciding factor for me to choose not to purchase two more HTC phones.

I bought a pair of Samsung Galaxy S "Captivate" phones; one for me, one for my wife. HTC's choice to alienate open source advocates, and Samsung's choice to follow the rules, paired up to give Samsung two sales at HTC's expense. I know that two is not a large number, but I hope I'm not alone. I'd like to thank Samsung for making it easier to vote with my feet by creating a rather compelling offering—the Galaxy S is a nice platform. (Here's hoping AT&T doesn't wreck Froyo when they make the update available!)

posted at: 10:45 | path: /raves | permanent link to this entry

Erik Troan and I co-authored two editions of Linux Application Development, so I have some idea of what it takes to write a Linux programming book. It's a lot of work to do well, doing proper research, trying to keep up to date, trying to meet the needs of a wide variety of readers.

Over the past several years, I have had a sense that the Linux man pages were becoming more complete, with a growing body of precise and nuanced detail. At some point, I became aware that it was Michael Kerrisk's fine work that I was appreciating, as he built substantially on the fine base provided by the previous maintainers Rik Faith and Andries Brouwer.

Michael Kerrisk then picked up the task of writing a book to cover similar material as Linux Application Development, but in both greater detail and extended scope. His new work, The Linux Programming Interface, has after long labor been published, and it looks like it was worth the wait. After reading a few initial sample chapters (the preface, and chapters 2, 9, and 30), I can say with great relief that it appears that Erik and I do not need to prepare a third edition of Linux Application Development — we can name TLPI as LAD's successor. Erik and I wrote LAD because it was the book we needed as a reference that was not otherwise available. That reason appears to be dissipating.

I'm looking forward to reading the whole book after it arrives, and reporting my impressions in more detail later!

posted at: 16:05 | path: /raves | permanent link to this entry

I had a page open to check the progress of an Amtrak train, so that I could know when to pick up a passenger. Not a lot of info was available. As of 8:30PM, it just said "on time" for 9:00PM (though the timetable said 9:13PM instead of 9:00PM, just to keep things interesting).

I arrived at the station at 9:00PM to find out that the train had arrived at 8:30PM. When I returned home, I refreshed the page from the Amtrak site, curious what it would say. There were two surprises. The first was that it said that the train had actually arrived at 8:40PM. The second was how late the site said this 20-minutes-early train was.

posted at: 23:00 | path: /rants | permanent link to this entry

In part because my children are perhaps not quite so careful with CDs as I am, I ripped all my CDs (at least, all that will still read!) to flac, ogg, and mp3 files. The second half of the project was to get a media player that could play all those files -- preferably over the network from my main server so that I don't have to copy files onto an SD card every time I get a new CD and rip it.

When the Archos 7 Home Tablet was announced, it seemed like the obvious thing to use. WiFi to access the server. Should play oggs just fine. I don't really care very much about whether it can access the Android market, though the restrictions on the market seem rather silly to me.

After I downloaded Subsonic and installed the server portion on my home server and the client on my tablet, I had a working solution for audio. While the default RPM packaging for Subsonic is sub-optimal (making important directories world readable/writable, for example) and this makes me convinced that I would not want to expose a Subsonic server implementation to the world, on my internal network I'm fine with it, and it gives me all the functionality I need to play my music collection on my home stereo. (The only problem is that for reasons I haven't researched, I have to use mp3s instead of oggs, even though I can play ogg files directly on the tablet.)

However, I'm not all that impressed with the Archos 7 Home Tablet. As reported by others, the native browser crashes almost instantly when you try to actually use it. It rarely survives a google search from the google search widget. I'm not impressed that Archos shipped something this broken, and less impressed that Archos has not yet released an updated firmware to resolve this issue, nor do they have updates available in their proprietary "applib" for the malfunctioning browser. Using Dolphin Browser or Opera seems to be the only way to use this tablet to browse the web.

I'm also not impressed that this late, they are still shipping an Android 1.5 OS.

Kindly, a user has stepped up to the plate and delivered a firmware update (shame on Archos for their lack of attention to this device!) that resolves at least some issues. So far, the browser hasn't crashed for me after applying the update. As a bonus, the user-supplied firmware enables the Android Market on the device, which made it a bit easier to get my apps back after wiping the system as part of applying the update.

It looks like there will soon be a whole crop of better tablet devices coming out with similar hardware but newer versions of Android. In retrospect, if I could make my decision again, I would wait and purchase a different tablet. Maybe at Kmart, of all places...

posted at: 11:47 | path: /rants | permanent link to this entry

The Google Security Team just posted a blog entry attempting to restore meaning to "responsible disclosure." It is absolutely worth reading.

As I see it, the phrase "responsible disclosure" has been stripped of meaning by vendors who use it as an excuse not to prioritize their customers' computer security. Irresponsible vendors have tried to make "responsible disclosure" mean a one-sided arrangement in which vendors get to set all the timelines for disclosure of all vulnerabilities. This irresponsible attempt at redefinition is inevitably alienating "white hat" software vulnerability researchers, as it creates a more vulnerable software ecosystem.

Fundamentally, "responsible disclosure" means that the researcher makes a best effort to put the needs of the end user first. When it is reasonable to assume that the vulnerability is newly discovered, it helps the end user to disclose first to the maintainer of the software (whether that's a vendor or otherwise) first. It also helps the end user to give the maintainer time to fix it right so that the vulnerability is really fixed and new vulnerabilities are not created. But when the maintainer doesn't bother to give the vulnerability priority, that just gives attackers more time to discover and make use of the vulnerability to subvert the end users' systems, which does not serve the end users' interests.

When there is reason to think that a vulnerability is known outside of the responsible security investigation community, it is clearly responsible to immediately disclose at least enough information to allow security-conscious end users secure their systems against attack. It should also be noted that that is almost always enough information to allow the unscrupulous to separately discover and make use of the vulnerability, so in this case responsible handling of the security flaw involves the maintainer making it a top priority to find an immediate mitigation, even if further work is required (also at high priority) to fully resolve the issue.

Some have suggested that the "responsible disclosure" emperor is wearing no clothes. I disagree. I think the problem is that irresponsible vendors have substituted an unclothed mannequin for the emperor, and are trying to pass off irresponsible handling of vulnerabilities as "responsible disclosure".

Responsible disclosure must be, first of all, responsible, and the responsibility is primarily to the end user. Security disclosure that primarily addresses vendor convenience is irresponsible.

posted at: 12:25 | path: /raves | permanent link to this entry

I not so recently mentioned that I was pleased with work that Jet City Devices did to my wife's smartphone. What I didn't know at the time was that while the screen was no longer cracked, the touch sensor was not working correctly; it was only occasionally registering touch on some parts of the screen, at best.

When my wife finally mentioned this to me, I mailed Matt at Jet City Devices about the problem. He gave me things to try to make sure it wasn't software, and said if they didn't work, to send the phone back, that it was a rare defect.

It wasn't a software problem. But instead of sending the phone back, my wife just learned to use the d-pad to use most features of the phone, until we were past Jet City Devices's 90-day warranty on the fix. Oops.

I finally bought a cheap dumbphone (Motofone F3) for my wife so that she would not have to be without a phone for a few days, and I emailed Matt. He didn't even bring up being past the warranty, and told us to send in the phone and he'd fix it. He didn't realize how long it had been, I think, so he didn't realize to give us his new mailing address, as he had moved office. My wife shipped off the phone. (Incidentally, she liked the Motofone F3; small, light, relatively indestructible; I think if she didn't want google maps and spreadsheets on her phone she would have stuck with the F3!)

After a week and a half of not hearing anything, I mailed Matt again. He worked out that the phone had been delivered to the new tenants of his old space, drove over to his old space and picked up the phone from the new tenants, fixed it, and had it back in the mail that day.

As he promised, the touch sensor is now working.

posted at: 09:05 | path: /raves | permanent link to this entry

As my kids are starting to want to "look for things on the internet", I started caring about what they might accidentally stumble onto, even in an appropriately supervised context.

I had vaguely heard about OpenDNS for some time, but had not really paid much attention to it. A few relatively recent articles on using it to make an internet connection somewhat more "family-friendly" caught my attention, and I finally signed up for a free account to try it out.

I have a local caching bind which forwarded to the nameservers that TWC provides to me (and to which I redirect all outgoing nameserver traffic via firewall rules), and I really haven't noticed nameservice being slow, so the "speed up your internet" advertising from OpenDNS wasn't ringing true. But the ability to filter out the worst of the sites dedicated to things that I think don't have a place in my home was interesting. So I signed up for a free account, changed a few lines in my bind configuration, and packaged and installed ddclient according to OpenDNS's instructions so that OpenDNS will continue to associate my home network with my home network settings on those rare occasions when my IP changes.

We weren't seeing lots of questionable content before the switch, so the fact that we've seen a total of two sites blocked since we signed up for the service is fine. It says that I can establish what I think are reasonable controls and it won't get in the way of normal activities.

Purely because I appreciate the service (I don't really care very much about saving statistics for longer), I signed up for a paid account. This service seems to me to be worth the $9.95/year.

A few days ago, OpenDNS rolled out a new free service called FamilyShield -- you can use a pre-configured set of filters without setting up any account at all merely by using 208.67.222.123 and 208.67.220.123 as your DNS servers (they include detailed instructions for how to do this on many different OS variants). This is exactly the same thing you'd get by signing up for their service and enabling the same set of filters for your account, so it's easy enough to upgrade to their free service if you want to customize the filters -- you just sign up for a free account, change the IP address you use for the resolvers, choose the filters you want, associate your IP address with your account, and (if you, like most people, have a dynamic IP) set up one of the many dynamic DNS clients available (they list several) to keep that association up to date.

I'm just a satisfied customer.

posted at: 08:59 | path: /raves | permanent link to this entry

My wife found her smartphone screen cracked recently. AT&T told her to suck it up and buy a new phone, and the local independent shop couldn't fix her phone. I had a great deal of trepidation about sending the phone off to some random place I googled, but in the end sent it off to Jet City Devices in Seattle.

They turned the repair in about an hour from the phone's arrival on a Saturday (!) afternoon, and had it back in the mail same day, so that it arrived back in North Carolina on Monday with a new screen.

Good Work!

posted at: 22:50 | path: /raves | permanent link to this entry

At the post office, I found myself writing a bit of a pastiche of an old classic:

Passport Hours: 10:30-4:30

Nice work hours if you can get 'em

NOTICE: TO SERVE YOU BETTER, PASSPORT SERVICE IS NOW BY APPOINTMENT ONLY

And you can work less, if you try!

1:40 PM:

Applicant has been waiting since around 1:30 PM, occasionally ringing doorbell.

Postal Service Employee (annoyed, poking head around door she is holding mostly closed): When's your appointment?

Applicant: My appointment was at 1:30, Ma'am

Postal Service Employee (even more annoyed): Can't be at this post office. You must be at the wrong post office. I have lunch from 1 to 2.

...

Suddenly, I find myself thinking that privatizing postal service might be a good idea after all. Also, putting the phrase "to serve you better" on a sign or form should be a federal offense, publishable by standing in line at a post office for 10 years.

posted at: 14:20 | path: /rants | permanent link to this entry

My favorite part of The Atlantic is generally the Word Fugitives section of Barbara Wallraff's In a Word. There are always several well-considered, generally balanced, and certainly thought-provoking articles in The Atlantic, but for sheer linguistic fun I have to read the last page first.

The July/August Word Fugitives feature had a request:

And Curtis L. Brown, of Neenah, Wis., writes, “Please help me find an appropriate word for the aversion of many persons (young or old) to revealing their true age.”

I immediately googled “annumadversion” thinking that it was such an obvious coinage that someone else on the internet must have used it, but other than a helpful suggestion that perhaps I meant to “...search for: animadversion,” google was silent.

Hardly daring to hope that I could be the first to think of this coinage, I quickly submitted my answer to The Atlantic's web site. I felt some faint hope for a mention, and was impatient to discover which truly great coinage would cop "top honors" in a later issue.

Today, I picked up the November 2008 issue, and, as usual, I flipped to the back to read my favorite feature. In a Word started with a rehash of the familiar (and I thought discredited) suggestion that the “average college graduate is familiar with about 75,000 words” and ended up quoting Strunk and White: “Avoid fancy words.”

Moving on to Word Fugitives, I discovered that most of the suggestions were funny but snarky: those shy of revealing their age are “egostatistical” “chronic liars” who commit “cosmetic perjury”. Imagine my delight as I read:

But we wanted a word for the tendency—the aversion. Michael K. Johnson, of Apex, N.C., takes top honors for his fancy but refreshingly nonjudgmental coinage annumadversion.

That made my day.

posted at: 20:59 | path: /words | permanent link to this entry

A Christmas gift some years ago of The Dream Hunters introduced me to Neil Gaiman's work. As an amateur of folk tales, I was entranced and delighted by the beauty and craft of The Dream Hunters, and then started reading earlier works in the Sandman series; my introduction to the graphic novel. Neverwhere and Stardust next captured my attention, followed quickly by most of the rest of Gaiman's books.

In my second and third readings of Stardust, I grew conscious of one of the characteristics of Gaiman's works that I find deeply satisfying: What I first saw as "loose threads" were actually precisely woven through the text.

For many authors, it appears to me that internal structural integrity is achieved in a tradeoff against narrative flow; or, more often, that narrative flow is achieved by ruthlessly discarding internal structural integrity. Speaking as an engineer, this is a reasonable tradeoff, since most readers seem not to care about structural integrity. But internal inconsistencies drive me up the wall even when perpetrated by my favorite authors. (I have read — and own and love — dozens of C. S. Lewis's books, but try piecing together the chronology of Narnia!)

Gaiman is in a delightful but rare class of writers who have the means and inclination to combine compelling narrative with extraordinary structural integrity. I consider Dorthy L. Sayers, J. R. R. Tolkien, and Rudyard Kipling well-known exemplars. Each time I re-read most of their published works, I generally notice additional internal consistency, rather than become annoyed by discovering small inconsistencies. This adds delight to re-reading, and helps me slow down while I read, increasing my joy in reading. A virtuous cycle.

Imagine, then, my delight to receive a copy of Gaiman's The Graveyard Book. I paid almost no attention to the title, as usual. I dove in and read the whole book, rudely ignoring everyone around me for hours. As I finished it, I took a deep breath of satisfaction, leaned back in my seat, and said to myself, "Wow. The Jungle Book, set in a graveyard... Oh." I am a little slow on the uptake, I guess.

Like several of Gaiman's other works, you probably won't like it if you are squeamish. There is Death, and Blood, and Violence, and even War. It differs from prime time television news in three ways: it involves magic, it tells of creatures that are literally rather than figuratively inhuman, and it is well worth your time.

Several readers of advanced copies have complained that The Graveyard Book is episodic; almost a collection of short stories. That complaint misses the point in several respects. The first is that Gaiman is a master of the short story; a few words tell a long story. The second is that this story is particularly well-suited to this presentation. It is short enough not to scare away a (say) middle school reader — good! If you want the story to last longer, read slower! True to form, Gaiman's narrative and construction reward careful reading. Finally, this book, in this form, is an homage to another great work worth re-reading, and worth reading out loud.

• Amazon
• Barnes and Noble

posted at: 23:03 | path: /words | permanent link to this entry

I used to use the galeon web browser. I got used to having tabs on the right side of my browser; I can have lots of tabs and read what is in them. This works in part because I devote one workspace entirely to a full-screen browser.

When galeon maintenance ceased, I did not update until I found the vertigo Firefox extension. Then I stayed on Firefox 1.5.0.x until vertigo supported Firefox 2. Now, I have been staying on Firefox 2 because vertigo does not support Firefox 3. This is starting to feel familiar.

Today, I found a mention of Tree Style Tab as supported by Firefox 3. Trying it out, I was pleasantly surprised; the configuration options are better, and I like the tree style where you can see which tabs were opened from other tabs (this can be disabled if you don't like that feature, though).

posted at: 15:08 | path: /raves | permanent link to this entry

I have a dual-boot system that, on rare occasions, finds itself running windows. It used to be limited to taxes and GPS database programming, but now it is limited to taxes, GPS database programming, and logitech harmony programming.

Since I so rarely run windows, I keep forgetting or repressing how hard it is to use, and how easily it breaks, catastrophically. I rant loudly whenever things break under Linux about how unacceptable it is.

I just went through the exercise of doing my taxes in turbotax. It occasionally went unresponsive or would simply quit displaying some of its user interface elements, but a restart would bring it back. Once turbotax disappeared entirely right in the middle of using it. (Oh, that's why it auto-saves so often. I guess they expect that.)

Then I wanted to print some forms. Of course, I don't have a printer connected, so I figured I'd just print a PDF (or postscript, that would be OK too) and print it later.

Half an hour later, muttering, I went downstairs to plug my computer into the laserjet. It's an HP LaserJet 1320 -- supports PCL6 and Postscript, has USB, and has been trivially supported under Linux for years. I figured I'd just move the USB cable temporarily to the machine running windows.

Or maybe not.

I tried letting windows try to install the driver automatically. Several times. Then I went to the HP web site, and downloaded three different drivers to try (no help from HP on which drivers to use). None of them worked. I finally, in desperation, found the CD that shipped with the printer. No luck. An hour and twenty minutes later, you'd think that at least I'd still have a working system, even if I couldn't print the tax forms.

I remember jokes about suspend/resume from years ago: "My laptop suspends fine, it's just resume that doesn't work so well." Unfortunately, after these attempts to get printing working, the system no longer shuts down. It just hangs indefinitely with nothing displayed on a blue background. The only way to get it to shut down is to hold the power button down until the hardware timeout passes and the system is forcibly shut down. It's not the "blue screen of death" -- it's the normal (for me) blue background shown during shutdown, it just never goes away. Call it the "blue screen of zombie", I guess.

Of course, setting this printer up under Linux took all of about one minute some years ago, and it has worked flawlessly ever since.

And no, I'm not crazy enough to be running vista with all its performance and driver problems. This is a recent XP install as shipped on a thinkpad.

Afer all that trouble, I find (back on my trusty Linux system) that the IRS site has the form in PDF, that it is a fillable PDF, and that evince can fill it in. This will take all of a couple minutes; I don't even have to use a pen except to sign the form.

posted at: 09:18 | path: /rants | permanent link to this entry

In my first-ever entry in this blog, on the 9th of November 2005, I wrote that Conary was moving to Mercurial for source code control. This conversion was a big success.

Today, I'm happy to spread the news that Mercurial 1.0 has finally been released. We continue to be very pleased by our choice of source code control systems. Continued development has made it even easier to use as well as more powerful, and new documentation has made it easy to introduce to others, including non-developers. In particularly, I would like to highlight:

• Distributed revision control with Mercurial, the "unofficial manual"
• Mercurial Usage "cheat sheet" that has enabled non-developers (documentation, marketing, product management, etc.) to use mercurial effectively.

The mercurial community continues to be friendly to "refugees" from other source code control tools, and its use is becoming widespread. Thanks again to everyone who has been involved in Mercurial development! I can't wait to see what Mercurial looks like in another three years!

posted at: 15:14 | path: /rPath | permanent link to this entry

In order to resolve contention for oven space, I made up a new recipe this year for one of my favorite thanksgiving dishes, utilizing the slow cooker ("Crock Pot"). Since it came out far better than any other candied yam recipe I have tried, I thought I'd share the recipe.

Serves 8

• yams or sweet potatoes (4 large or 8 small)
• 1/2 cup brown sugar
• 1/2 cup butter
• 1 tsp cinnamon
• 1/4 tsp nutmeg
• 1/4 tsp vanilla
• 1 bag marshmallows (large marshmallows preferred)

All amounts approximate.

Peel sweet potatoes (ruby "yams", if you can get them; henceforward called "yams" because that's what I grew up with), and slice approximately 1/2 inch thick. Mix brown sugar with cinnamon and nutmeg; alter proportions to taste. Layer peeled sliced sweet potatoes with crumbled brown sugar mix. When layering, fill large voids between slices in each layer with smaller pieces of yam, and stagger the layers to avoid holes from top to bottom, to ensure that the butter cooks into the yams. Dot the top very liberally with butter (or substitute). Optionally, mix the butter with the remaining brown sugar mixture (add more brown sugar if necessary) and dot with the butter/sugar mixture. Add vanilla.

Cook on low for 6-7 hours without ever removing the lid. The sugar on top of the top layer of yams will caramelize.

Remove liner from heating element. Top potatoes with marshmallows. Broil with marshmallows at least 6 inches below broiler element until marshmallows are brown and puffy, about 4-5 minutes. (If marshmallows are too close to the broiler element, they will brown unevenly.)

posted at: 10:50 | path: /food | permanent link to this entry

My wife and I had everything planned for Halloween; I would take the girls trick-or-treating and she would hold down the fort. My first hint that the evening might take an unexpected turn was when she called to mention that she smelled something funny, and she thought that this time it probably was natural gas, not a stale dishrag like last time. I was skeptical, until she called me a few hours later to say that the smell was a lot stronger in the (gas) furnace room, that the kids were buckled into the car, and that I was going to be coming home to deal with this while she and the kids went to supper.

She was right. The smell was obvious. Being a hands-on kind of guy, I decided to investigate this myself. I made some soapy water and spread it on the place I thought was most likely to be leaking: a set of pipes around the main stepdown regulator. After half an hour or so of unfruitful exploration, I grew a clue, gave up, turned off gas to the whole house at the meter, and called in the gas company (PSNC).

I learned two new things:

• If you just think you smell gas, they do not charge to come investigate, and they treat it as an emergency, even if you tell them that you have already turned off the gas at the meter. I don't know if that is true for every gas company, but it was true for PSNC.
• This is the time of year to pay attention to your nose when you think you might possibly smell a gas leak. More on that later...

The technician called me to apologize for having to finish up one emergency call before coming to handle my emergency. Not a problem! He arrived just after the first trick-or-treaters came by. He "clocked" the leak by marking and watching the meter with no appliances running, and I got my first indication that this was not trivial when after only a minute his eyebrows went up and he said, "Oh, that's really leaking!" I was gratified to see that the first thing he tested in the house was the exact same place I had started looking, but no bubbles showed up with his soap either.

The investigation continued for something like an hour and a half. We pulled out suspended ceiling. We turned different parts of the system on and off. Finally, he started putting high-pressure air into different parts of the system -- and in the first place that both of us had looked, bubbles started forming as a joint started hissing. The leak was found!

Unfortunately, when the contractors (Yellow Dot, as far as I can tell) installed the gas lines in our house, they hadn't followed code. And the Wake County inspector didn't call them on it. There was no union joint to make it easy to fix the leak. So instead of the technician turning his wrench a few more turns and swabbing on some more joint compound, I paid for an hour of overtime to do the fix right and bring the house into compliance with code. A small price to pay for a fixed gas leak right away, and hot water in the morning! When he was done, the meter didn't budge during a 20-minute test, whereas before it had moved perceptibly within a minute.

The technician explained to me that when the weather gets cold, they inject a lot more mercaptin oderant into the natural gas supply to make it more likely that people will discover leaks in time to fix them before they cause trouble. He said it makes for more repair calls as the cold weather starts -- and they really don't mind...

The fast response, the thorough investigation, and the quality fix done quickly and correctly made me feel good about paying the gas bill. As a bonus, while he was doing all this investigation and repair, he was assiduous about wiping off his feet to keep the carpet clean and closing the doors to keep out mosquitoes.

posted at: 17:46 | path: /psa | permanent link to this entry

Ken VanDine and I flew up to the Detroit area yesterday to give a talk last night at the Michigan!/usr/group. As you can probably tell from the UUCP-inspired name of the group, it has been around for a while -- at 21 years old, it's old enough to drink!

They have a good venue for technical talks -- in particular, working internet access is available (wired and wireless), so we were able to do live demos of the MediaWiki Appliance Experience and rBuilder Online.

This was my first experience using the S5 web-based slideware for a presentation. Upside: it's easy to post the slides on a website; you can even let internet-connected attendees view the slides on their own system, so they can review as you go along. Downside: it's slow. With the on-demand scheduler disabled and the CPU running at full speed for best performance, it still took about a second to display the next slide. Maybe the audience appreciated the fact that I occasionally stopped talking for a second, but it felt awkward to me.

I have added a link to the slides on the Conary:Presentations page.

posted at: 12:50 | path: /rPath | permanent link to this entry

I've been an old-school die-hard gimme-those-old-time-primary-partitions kind of geek for a long time now. Even extended partitions bother me, especially when partial drive failure makes otherwise unaffected partitions disappear. So while the flexibility that LVM provides was enticing, I was frankly a little uncomfortable putting LVM on my system, especially after a hard drive crash.

Some months ago (I really don't remember exactly when), I experienced a third drive failure on my old PATA-backed RAID1 array on my home system. I then discovered that Linux software raid has the ability to grow the device, and so I switched to larger SATA devices merely by adding the SATA devices to the RAID1, waiting for resync, removing the remaining functional PATA device, and then growing the new RAID1. Impressive and convenient, all except that installing grub by hand on Linux software RAID1 is still not an unadulterated pleasure.

While recovering from my most recent hard drive crash onto a temporary drive, I set up some filesystems on LVM, I seem to recall because at least one of the filesystems was likely to grow to require some unknown amount of disk space. I then ordered a larger drive to move my data onto. After the new drive arrived, I discovered the pvmove program and was very impressed that I should be able to add another physical volume to a volume group, then cause all the logical volumes in that group to be migrated from the temporary drive to the new physical volume. Google then helped me interpret the error message that I got, and modprobe dm-mirror got pvmove working. As I watched the output of pvmove -v /dev/hdc4 scroll past, telling me percent complete every 15 seconds and occasionally informing me that it had checkpointed progress in case my system were to halt before progress was finished, I wandered around the office telling everyone about how cool LVM was.

Not merely pride, but also enthusiasm goeth before a fall. I was in a hurry to remove /dev/hdc from my system and use only my new /dev/hda4 physical volume. Lost in a twisty maze of lvm utilities, all slightly different, I tried to remove the /dev/hdc4 physical volume. I ran pvremove /dev/hdc4 and had the command tell me that it wouldn't succeed until I ran it with the -ff argument. By now, I was conditioned that LVM occasionally asks for confirmation of remotely-possibly-dangerous actions, and so just hit up-arrow, added -ff, and hit y to accept. Of course removing a physical volume is a little dangerous, but I knew I wanted to do it, and I had run pvdisplay first to ensure that the volume was empty. I removed the temporary drive and rebooted.

The LVM-savvy are shaking their heads now. Of course, I should have guessed that I would have to run vgreduce first. And, indeed, all the data that I had copied over -- my home directory, my development environment, everything except the root partition -- was now inaccessible, and /dev/hdc4 lived on as a phantom. The LVM commands complained about a missing uuid, and the solution wasn't immediately obvious. "I lost my /home!" I cried, prompting anxious questions among my colleagues as to whether I had started to forward some of my more salacious spam to my wife. After about 5 minutes of careful (pvdisplay made it clear that space on my /dev/hda4 LVM partition was still reserved by something) experimentation (and no despair; I had just completed a current backup before starting the whole process), I resorted to reading the lvm man pages, one by one, until I understood the problem and the solution.

First of all, the fact that I couldn't get at my data was (perversely enough) a good thing. It was because LVM was being conservative. It didn't have all the physical volumes (as identified by UUIDs) required to complete the volume group, and so it was possible that the logical volumes were incompete. Trying to mount or otherwise manipulate a potentially incompete logical volume could be a disaster, so I'm glad LVM tried to protect me from my own stupidity. It was preserving my data.

The solution to the problem I had created was to run vgreduce (the same program that I should have run in the first place, had I only known) with the --removemissing option, because I knew that all data had been migrated off the physical volume I had removed from the system: vgreduce --removemissing vg0 rendered my data accessible again.

posted at: 18:11 | path: /psa | permanent link to this entry

Before we ever announced Conary, we tried converting from CVS to Subversion. We were not happy; the conversion wasn't great, but much worse was the corruption in the db back end (I know there's a filesystem back end now); we decided that we could live with CVS at that point, and that it just wasn't worth the trouble to change. I understand that Subversion has improved since then, but one of the things we decided was that if we were going to change, we really wanted to move to something that allowed disconnected operation (for those cross-continental plane flights...).

A few months later, I think shortly after we announced Conary publicly, we tried migrating to Arch (tla). The conversion was incredibly slow, and we still weren't happy. Not saying anything bad about Arch, either; we just weren't happy with it in our environment and with our practices. I don't even remember now all the things that we didn't like about it well over a year ago.

When Bitkeeper took away the "free beer" bk licenses for Linux kernel development, two projects started at the same time: git and Mercurial. I was particularly impressed with the approach that Mercurial took, not only from a technical perspective, but also from a social perspective. Mercurial developers quickly set up a wiki that contained enough information that someone who was not already familiar with the general distributed disconnected changeset-oriented version control model could quickly become productive with mercurial. From a technical side, its repositories are about a tenth the size of git repositories, it's implemented in Python with a few small C extensions (sounds familiar!), and it enables web browsing of archives "out of the box".

So in August, I learned how to convert CVS archives to Mercurial archives (and wrote more detailed information on the process for the Mercurial wiki) and did a sample conversion of Conary's CVS archive to Mercurial. It had a few rough edges, but it basically worked. I packaged up the new 0.7 release of Mercurial, but we weren't really interested in moving version control systems right at that moment; there was no pressing need to spend time on it, and not everyone was convinced that Mercurial was ready for the job quite yet.

Yesterday, we ended up with a namespace conflict between anaconda and conary that unexpectedly required us to completely rearrange where Conary put its files. Suddenly, a version control system that handles file renames became a critical priority instead of a would-be-nice-someday thing. I found out that things had changed so that my conversion process didn't work, so I had to learn what to do and change my Mercurial wiki writeup of how to convert, and ended up doing two full conversions before we had done it right. Then there was the matter of infrastructure, things like setting up commit messages. I was very motivated to fix that, because until I fixed it, I had to manually generate all commit messages! By 2:30 this morning, things were finally sufficiently functional for me to go to sleep.

Mercurial is going to change our development process, and I'm sure we'll have some bumps in the road, but it's also going to make some things a lot easier, and despite lack of sleep I'm excited about this new model.

posted at: 05:12 | path: /rPath | permanent link to this entry