Americans greatest fear: The Truth

I had to laugh today when my daughter & I were flipping through a catalogue of Halloween costumes. On a page full of Halloween props, I caught these labels for sale:



Note the very first label, which I like to think is the most scary thing available: not the red blood, spider venom, embalming juice, or the virus that makes humans become zombies, no - those aren't scary enough to lead with. The most frightening juice there is the truth serum. [scream!]

Yes, the scariest thing we can imagine is our friends, family, and peers hearing us tell the truth. Are our secrets really that bad, America?

Googletalk & AIM becoming officially compatible?

Google linked up their arguments to allow the Yahoo-Google ad deal to go through without government regulation. I was actually most surprised by slide #8, which reads that "Yahoo! will enable interoperability with Google instant messaging".

Does this mean Yahoo Instant Messenger will use jabber, and as such, talk to any jabber client?

This may be the first good news for googletalk since it was launched, as Google doesn't seem to be doing any work to update it or add features.

What I'm Reading Now: Born Standing Up

I've started an audiobook of Born Standing Up, Steve Martin's autobiography, read by the author.

I'm already 2 hours in to an unfortunately short 4 hour production, but enjoying it a lot. I recommend.

You can hear Steve Martin talk about his book on NPR, too, which I also enjoyed, and it won't set you back $20.

1st Presidential Debate

I've been watching it on youtube here: http://www.youtube.com/watch?v=F-nNIEduEOw I'm trying to be unbiased - which is easy, since I haven't investigated much into either candidates platform, so I'm genuinely eager to hear their opinions.

At 20:00 in, John McCain says "I want to provide a tax break of $5,000 so every American family can buy their own health care..." That scares me - does he want to set the precedent that the individual buys his health care, not the business or government?

I checked with Kaiser recently, when my business changed their health plan and I was suddenly faced with many more expensive options. I found the cheapest plan they had available for my standard-sized (or even small) family of four cost over $10,000 per year. Note that's the cheapest available kaiser plan, and that's just to enroll. Of course I'd still pay more than that every time I visited, or needed drugs, or had any procedures - it's not 100% coverage with no deductible.

That $5k won't help me care for my 3 dependants. Furthermore it would only be a change for people right now - in future years, new employees won't have a before/after picture to see a $5k tax break. They will just start new jobs at new salaries, where businesses are not concerned about their health, and they'll have 100% of the burden on them immediately.

Amazingly well-done robot flash game

This robot-programming flash game is just really fun. I got to level nine before I had to leave for an appointment. How far can you get?

http://www.gameroo.nl/games/light-bot

Recycling Traffic

Oops. I created a paper recycling box in my office, hoping to encourage others to do the same (since a very high percentage of office waste is cardboard/paper recyclable).

All I've seemed to do is increase foot traffic in my office as people visit me to drop their papers in my recycling box. hmm.

MiniDV still alive for some reason

I looked at some digicamcorders recently, and found a lot of them still on the miniDV standard that was popular when I first looked into these cams in 1999.

I don't get it. Magnetic disk drives have reached impressive capacities in tiny footprints, flash memory costs nothing and is fast, even smaller, and very high capacity. Why bother putting a tape in the camcorder anymore ?

I'm still using this old Sony MiniDV DCR-PC101 cam, and my number 1 problem is that it won't record because of some issue with all the moving parts on the tape writing mechanism. I fix it by literally banging it on hard surfaces until it works again, (which is the most accepted method of repair on the internet). I can't imagine buying another video camera that relies on tape at this point.

Two spaces after period killed by HTML

This MLA page talks about how single-spacing after period is becoming more common and should be considered the standard in writing: http://www.mla.org/style_faq3

I wonder if HTML helped the downfall of double-spacing after period. Before the majority of the web was created by html-generators, authors typed their content in HTML markup that ignored whitespace beyond a single space, without explicit use of a non-breaking-space code ( ).

It could be that the wealth of websites whose users's browsers refused to render more than one space helped make single-spacing more common and accepted.

An interesting aside: Wikipedia is a very specific about spacing, quoting the standard spacing after a period as 1 em. I'm always surprised when wikipedia shows me extremely well-documented details, formalities, and histories of topics that I took completely for granted.

My daily wtf: MTP default action

I enjoyed the prompt that Windows XP provided to me the last time I plugged in my mp3 player, especially the "always perform this action" checkbox:

Disassembling the Sandisk Sansa Sanmeister

I bought a Sandisk Sansa e260 from woot.com recently, even though I agree that the mp3 player is an obsolete technology. I really like the UI. They copied Apple's click wheel design, but used an actual plastic wheel that spins (instead of the stationary touch-sensitive wheel Apple uses.) I actually prefer it because of the physical feedback you get from spinning it.

It has a small, sleek design, very bright display, and does a great job at all it's tasks: video playback, photo slideshows, music, radio, voice recording, 4GiB USB drive.

Also, Sansa let's you use the USB Mass Storage Device Driver to copy music, instead of enforcing MTP like they did on previous players. MTP completely sucks in comparison.

The downsides: custom cable. Why does anything have a custom cable? Everything should use the USB mini-b so we don't need to keep 20 cables on our desk to plug in all our gadgets.

My particular e260 also had a problem: only 1 channel of audio would play. I took it apart to see if I could fix it. Disassembling things is always fun. Here are the pictures:



The electronics in this thing are tiny. Almost all of the weight is in the heavy steel case back and the battery, and almost all of the volume is in the frame & battery. I had fun pushing the battery back onto the power terminals and running it naked:



I eventually decided the problem was in the stereo headphone socket, which has 3 conductors for left audio channel, right audio channel, and a common return (see TRS connector). Looking down into the socket, I can see that a contactor is broken off. I couldn't get a focused image with my digicam though. Here's a shot of the back of the electronics, at least:

I think that the stereo socket needs replacing, and I'm not going to try to remove and solder a new one in place. I hope Sandisk will do it for me. I wonder if there were any hidden warranty-voiding stickers that I broke when taking it apart . . .

What I'm Reading Now: The Three Stigmata of Palmer Eldritch

I've started yet another PKD book after enjoying many previously. This one, The Three Stigmata of Palmer Eldritch, seems to be navigating through familiar PKD themes: odd religious/spiritual activity, narcotics & hallucinations, confusion regarding identity, and insanity. PKD must have been a strange man.

What I'm Playing Now: Puzzle Quest

OK, I'm actually done playing Puzzle Quest, one of the better recommendations that Penny-Arcade has made, but I forgot to post about it before; probably because I was too engrossed in the game.

Apparently I was not too engrossed to screw around with the game, though, something I've been doing since I downloaded ResEdit on my mac and learned what a Hex Editor is. The beautiful thing about Puzzle Quest is that all of the art, sound, storyline, spells, items, maps, mounts ... almost everything is stored in open format, user-readable and user-editable files that are loaded at runtime by the game executable. That turns Puzzle Quest into a veritable Z Machine of puzzle-questing.

Anyone could write a completely new game without compiling a line of code - just invent a new story, design your new stuff, and save it in text & JPEG form.

I didn't do that, though. I just screwed around by inserting a pic of me (just home from work, still in my CPC insignia polo) in the game in place of the hero. This makes my kids giggle like mad every time the in-game me starts talking with knights and elves. Some screenshots [click for detail].

Official Braid Walkthrough

I saw an odd link recently: to the "Official" Braid walkthough, hosted by the game developer. I was confused. Game developers don't ever write and post walkthroughs to their own games.

I clicked through to read some of the walkthrough and find out if it was the real deal. The surprise at the end was, well, I won't spoil it for those of you that click through to see for yourself.

I keep watching the news to see when this game is going to be released for PC since I don't own any consoles (that can't be emulated, at least). Even if I did buy a modern console, the Microsoft product is completely out-of-the-question - and that's currently the only place that anyone can play Braid.

So my portal stats need some work

I really like steam's Achievements feature, which augments standard game storylines with additional optional goals, which are published to other steam users, and, apparently, the entire public internet.

Now that I know the whole world is watching, I think my portal stats need some work. You can click through the pic to see how I'm doing. ...oh, and if you don't know, Portal is an excellent game with a whole new game mechanic, well-developed storyline, good humor, a brilliant ending, and is worth your $20.

What I'm Reading Now: Diaspora

A friend gave me a copy of Diaspora, by Greg Egan.

I'm only on page 40 (10%), but skimmed most of pages 1-20 when I realized it was a long description of one of the authors imagined future technologies at work.

I think this is a mistake. Good books start with action that draws the reader in, introduces characters that the reader cares about, and explains things like technology, setting, and others mostly in context of a more interesting storyline. I don't think narrating concepts directly to the reader works as well.

I get the author's purpose: the first chapter lets the reader experience the narrator's growth from creation to independence (the narrator is an AI). ...but it's hard to get through 40 pages where the narrator is not yet even sentient.

Anyway, I am interested to see what would happen next, now that I have some characters to watch. ...but I needed the wikipedia page to get some clarity on just what's happening.

Seinfeld Microsoft ads: wtf?

After chatting with Ryan Delucchi last week about how Jerry Seinfeld is the wrong guy for a new Microsoft Ad Campaign, and then witnessing these two horrible advertisements during NFL football this week, I was glad to see Penny Arcade express their opinion in this Monday morning's comic :


Even though Apple's get a mac campaign is definitely out of gas, John Hodgman is a much hipper comedian than Seinfeld is (now that the 1990's are long over), doing a spot that's actually relevant to the product Apple is selling.

Senator accuses cell carriers of price-fixing on SMS pricing

Wow, this is great. Wisconsin Senator Herb Kohl is basically accusing cell carriers of price-fixing on SMS fees.

I don't use SMS and don't like it - but that's because my smartphone groks email and IM. I understand SMS for the majority of cell users who don't have these capabilities.

...but whether or not I use a service, I don't like to see the public getting gouged, and I always thought it was nuts that I could get tons of (or even unlimited) minutes to talk time at a fixed low rate but have to pay a few dimes for every SMS message. The carrier's cost of SMS is a few bytes per message, and doesn't have to be transmitted at a constant rate. However, a voice call requires multiple kilobytes per second on a secured, reliable, constant rate of transmission - that's a significantly higher burden on the carrier's network than an SMS.

Clearly SMS charges are a sham. ...now, it could be the case that cell providers prop up low monthly fees with SMS fees. If so, reducing or eliminating SMS fees would increase monthly fees - but at least you would be paying the right amount for the right service.

Cory references X references Cory

Cory Doctorow seems to be caught in an elaborate palindrome with the internet. Today I noticed it with Bruce Schneier.

Of course Cory already blogged about Bruce's blog (and he must have referenced Bruce in Little Brother, I'm sure ... almost sure... ok, not sure). Today Bruce blogged about gait recognition applied to shadows read by satellites, and he threw Cory a bone with a link back to Little Brother's discussion of low-tech gait recognition defeating techniques (i.e., rocks in shoes).

Cory already played this palindromatic game with Randall Munroe's webcomic. Cory blogs XKCD (actually a few times), XKCD comics Cory¹, then the comic is cosplayed by Cory and readers alike.

If the rate of references continues to accelerate, this could become an internet stability problem. Let's call it the Doctorow Vortex. Who will make a wikipedia page about it for me?

1. Yes, 'comic' can be used as a verb, just like blog. Thanks for asking.

How to stay safe on the dangerous internet

I get asked a lot of questions about viruses (virii?), malware, and computer security by friends, family, & co-workers. I like to try to keep my advice as simple as possible for people who don't really want to learn all the complexities of computer hardware, software & networks - not that I could know every detail myself, anyhow.

I summarize it with 3 bullets. Here's how I stay safe on the dangerous internet:

1. Don't open file attachments that you aren't expecting.
   
2. Don't click links provided in emails that you aren't expecting.
3. If a website or popup requests you to click somewhere, close it with ALT-F4.

I'll elaborate now on the details, but for those of you who need it simple, those bullets will go a long way.

Regarding item 1, Virus protection: I keep hearing people saying "only open attachments from your friends." Here's why that's foolish: when a virus infects a computer, it can replicate itself by emailing it to everyone in your contact list. That means an attachment is almost more likely to be a virus if it's from your friends than otherwise.

I say "only trust attachments that you are expecting." I mean that you are safest if you've already had a discussion with someone in person, on the phone, in IM, or in email that says "I've got that file you need. I'll email it to you." If that hasn't happened, be wary.

You have more leeway if you know how to spot dangerous attachments. As of September 2008, the only real dangerous attachments are files that contain executable computer instructions: i.e., files that end with .exe or .scr (and perhaps also .com and .bat - if these are still executable on modern windows operating systems). That list could grow if exploits are found in other software products (see JPEG virus attack), and it could include Microsoft Office documents if your macro security is too low. Try not to fall for the double-extension trick, though. A file called britney.jpg.exe is an EXE, not a JPG. The final extension always wins, even when it is invisible.

Regarding item #2, phishing protection: I just got another great phishing scam email today. It was from equifax, a company I have done business with. It was from a good email address (possible because of spoofing), it made a reasonable request (log in and update information), and it provided a link to eport.equifax.com, a valid website. However, if I read the HTML email source, I find the link lies about what it links to. It actually links to eport.equifax.file3.com - which is a completely different host owned by scammers collecting personal financial data. If you don't know how to examine URLs to recognize URL spoof attacks, it's safest to follow #2 and avoid clicking emailed URLs you're not expecting. If you want to click a untrusted link, instead try opening your browser and typing in the desired website directly - you're less likely to be redirected to phishers that way.

Don't let emotions block reason. The ILoveYou virus and the common "You've received an eCard from a friend!" emails play on people's emotional desires to have positive social interaction. A good eCard site should at least provide the name & email of the card sender before they ask you to click links, to help validate the message. Also, be logical - if your birthday isn't for 8 months, who would send an eCard today?

Regarding item #3, malware protection: when websites popup windows asking you to click anywhere, they may be trying to get your authorization to install malware, whether or not they say it. Clicking anywhere on these windows is dangerous, because sometimes they are imagemaps that pretend to be windows with closeboxes but actually act like a big hidden "OK" button. Using the keyboard to close them (ALT-F4 in windows, CTL-F4 if it's a tab in a tabbed browser) is much safer than clicking anywhere on them.

It's also good to note that malware often comes bundled with "free" software. You should question any free software product available on the web, especially if it's advertised. Where does a company get money to pay for advertising for a product that's given away for free? They get money from malware writers that pay them to infect your computer and collect your data, and/or send you popup advertising even when you're not browsing. Gator was a company that was expert at this; now they've changed their name to Claria to flee bad press.

If you're unsure, err on the side of caution. Do you really need that custom browser toolbar or the little weather application? Is it worth risking your security?

Wrap-up: I considered adding more bullets to the list. Item #4 might be "keep your software up-to-date". I'm trying to be concise, though. A lot of home users aren't running professional operating systems with web services running, so they are less exposed to worms. I could add items like "set your boot priority list to boot only from hard disk", but the goal is internet security, and not many people are still getting infected from removable storage media.

Good luck and happy safe browsing.

Comments? Suggestions? send them to matt@mattmullen.net.

Todo: Books, games, gadgets

I just realized today that I can actually buy a copy of Spore now. I've got to get that in my list of games to play.

Then I learned Cory Doctorow likes The Armageddon Rag, by George R.R. Martin. I've liked GRRM's series A Song of Ice & Fire a lot, but I'm not sure about a book whose genre is fantasy/horror/alt history. I guess I have another for my to-read list.

John Hodgeman has gone and released a new book, too, as though I'm just swimming in money and time to buy & read new books. I suppose I have little choice.

Finally, I may have found the answer to my iPhone/Sprint problem. Specifically, that the iPhone I crave will never run on the carrier my company provides. The Sprint Instinct tries to emulate the iPhone. I wonder if it's worth the investment? When it comes to UI, I'm very picky. If they have the iPhone features but not the polish, I could go insane trying to use it.

What I'm Playing Now: Final Fantasy 1

Well, not really. I remember loving FF1 when I was about 11 years old. It was fun to revisit recently using an NES emulator (FCEU). The fun with emulators, though, is being able to use savestates and cheats to alter the game experience. I couldn't find a listing on the web of Hex locations of major data locations, though, so I'm posting my own small list here. Perhaps the next person to google for "final fantasy 1 fceu hex addresses cheats gold experience potions" will get this handy list.

Note you'll need a hex editor to get this done, I use WinHex. Also note that many values are stored in 2 bytes, with the second byte as most significant. (so to write "4000" to an address, which is 0x0FA0, you write A0 to first byte and 0F to second byte.)

0x1313-1314 Gil

0x13FE-13FF Experience, Party member 1
0x143E-143F Experience, Party member 2
0x147E-147F Experience, Party member 3
0x14BE-14BF Experience, Party member 4

0x132D Tents
0x132E Cabins
0x132F Houses
0x1330 Heal potions
0x1331 Pure potions

Microsoft: I ALWAYS want to paste unformatted

Every time I past in an office doc, office carries the formatting over for me, which drives me nuts.

Consider a scenario: I copy from one doc where the font is 9 point garamond dark-blue italic, and paste in another doc where it's a title block of bold 14-point arial black, and office *carries over the formatting* and obliterates the point of copy/paste: saving time. I have to do more work fixing the formatting than the work I saved with copy paste.

Instead of reformatting, I often try to use a paste special where I can navigate a dialogue to specifically "paste unformatted", or I (faster, actually) launch notepad and paste then recopy paste, because notepad handily strips the formatting.

With all this work to copy a bit of text, why don't I just re-type my text at this point? I can do a lot at 80WPM and never have to touch the mouse. Copy/paste has been completely broken for me by Microsoft's attempts to make it more advanced.

What I'm Playing Now: Team Fortress 2

I've owned the Orange Box for some time, and loved Portal as well as Team Fortress 2 (you can keep HL2, thankyouverymuch). I've been reintroduced to TF2 by A Heavy Update, which has included some achievements and unlockables for heavy and some new maps. Those are fun, but what's really great is that I had apparently missed the previous Gold Rush update that included a new game type called Payload. It's a total blast either running with the payload cart, engineering turret locations to defend it, or clearing out those turrets with an Ubercharged heavy-weapons-guy.

TF2 on payload is up there with Quake1 and Starcraft as best multiplayer games available. It's only $20 on Steam, too.

Keep up to date at the TF2 blog.

Time to delete blog?

OK, it's been a month since a post, which probably means I'm bored with this and may need to stop blogging. I'll give it a few more weeks and see what happens.