Friday, October 26, 2007

Shades of the singularity: Canon SD 1000 for $170

Amazon is selling the Canon SD1000 today for $170.

We live in a weird world. There's all kinds of cheap worthless junk sold for low prices, and then then there's something like this. It's a genuine marvel of technology, and at least the early versions were actually manufactured in Japan. Yes, like the old days.

Today it's selling for the cost of a big date.

I just want to say that's weird. I think I'll buy my wife this for her birthday and give our perfectly decent Canon SD 600 to the kids.

Update 11/6/07: It's made in Japan! Still, just like the SD 600 before it. It feels like an Apple product. Compared to the SD 600 it uses the same battery, charger and SD memory card. It fits the SD 600 case - somewhat thinner and very slightly longer. I turned off the 'face focus' feature as it seems a bit slow to focus lock, I need to test it more with different focus parameters. I prefer the raised controls of the SD 600 to the perfectly flat buttons on the SD 1000, but the SD 1000's camera/video/review toggle seems less likely to move accidentally.

Update 8/25/08: Not quite the singularity. At 10 months of age the focus motor broke.

Leopard and file sharing: but can you share the Shared Folder?

Glenn Fleishman of Tidbits has a new eBook out on Leopard File Sharing and he gives us some highlights here: Leopard Simplifies Sharing.

I am almost ready to hope that OS X users can now SHARE THE #$@% shared folder [1]. Yes, it's true, for years OS X has had a "Shared Folder" on every drive used to share items between users, but that folder couldn't be share with network clients

Just fixing that ridiculous design flaw would justify half of the upgrade price to 10.5. I've asked Fleishman to address that question, I hope he'll update his post.

The more I read about Leopard, the more I realize I might have to admit to being ... errr .... wrong. When Leopard slipped its dates, I figured they were going to have to slip again from October 2007 to April 2008 -- or that the October 2007 release would be pretty crummy.

I still have no intention of messing with 10.5.0, but the early news is damned impressive. It now seems likely 10.5.1, when it comes out in a month or so, will be a truly large leap forward -- maybe the biggest release of OS X since 10.1 made it usable (ok, so 10.4 on Intel was impressive too).

It would be funny if the 10.5 release were to turn out have been under-hyped given all the flack Apple gets for its PR machine.

Update 10/28/07: Yes, you can.

Update 5/30/08: I finally upgraded to 10.5.3. There's no problem with sharing the Shared folder, in fact I think I can share any folder. We haven't been able to do that since MacOS 9.

[1] See:
OS X: Creating a "parents only" shared folder and Odd OS X bug: can't share the shared folder

Wednesday, October 24, 2007

Generating Sharepoint-friendly URLs (links) using Microsoft Access

This is damned obscure, but it's not documented and I figured it out, so I'll stick it up here.

Maybe it will help someone.

Microsoft Excel, Access, and Sharepoint  2007 (latter is really SQL Server dressed up) all have an implied datatype called the "hyperlink". It's not well documented, I don't think Excel 2007 and Access 2007 implement the hyperlink quite the same way.

Excel has a "hyperlink" function that will generate a hyperlink from a string and a URL, but when I pasted that into a hyperlink field in SP 2007 bad things happened and I had to power cycle by XP box. (typical XP behavior)

On the other hand I couldn't figure out how to generate hyperlinks in Access 2003 or 2007. Here's the trick, and they do work in SP 2007. I assume one column holds the URL and the other the text displayed in the UI.

1. Concatenate URL and text fields (+ operator in Access) to a string of this sort: "friendly name#http://myserver.org/friend.html#"

2. Write out the results to a table.

3. Change the datatype of the column containing "friendly name#http://myserver.org/friend.html#" to "HYPERTEXT".

Now you have the hypertext URLs.

Link to your target SP 2007 list (table really), and join on your identifier, then do an Update query to stuff your hypertext URLs into the appropriate Sharepoint field.

I'm sure there's a better way using VisualBasic for Access, but Microsoft's approach to VBA gives me hives. It's a total mess, I'd much rather spend time learning Objective C or Python.

Gmail gets IMAP: Hallelujah!

I usually try not to blog about something everyone's screaming from the rooftops, but this is genuinely exciting: Gmail gets IMAP - Download Squad.

DS was reporting on a rumor, but they note it's official now.

I moved all my email services to Gmail lately after my longtime ISP, VISI.COM, began messing up in a big way. It took a bit of tweaking to get it all working, but it's been fine ever since. I'd have moved long ago if Gmail had IMAP.

Now I'll be able to move my wife's email to Gmail -- she likes using OS X Mail.app and she works from 3 machines. Until now I had her on VISI's IMAP service.

Big news of the day.

So, can Google's long delayed file server be all that far away?

Update: Good tip on use with Mail.app
Update 10/25: This news post has more setup tip links.
Update 11/16/07: Still more configuration advice. I still haven't gotten around to doing this, mostly because my current setup works! Still, one of these days ...

Sunday, October 21, 2007

The end of the Storm worm: interesting lessons

PC World has an educational article on the Storm worm, which is now fading from the scene. Emphases mine.
PC World - Storm Worm Now Just a Squall

... Brandon Enright, a network security analyst at UC San Diego, has been tracking Storm since July and said that, despite the intense publicity that the network of infected computers has received, it's actually been shrinking steadily and is presently a shadow of its former self. On Saturday, he presented his findings at the Toorcon hacker conference in San Diego.

Storm is not really a computer worm. It's a network of computers that have been infected via malicious e-mail messages, and are centrally controlled via the Overnet P-to-P protocol. Enright said he has developed software that crawls through the Storm network and he thinks that he has a pretty accurate estimate of how big Storm really is.

Some estimates have put Storm at 50 million computers, a number that would give its controllers access to more processing power than the world's most powerful supercomputer. But Enright said that the real story is significantly less terrifying. In July, for example, he said that Storm appeared to have infected about 1.5 million PCs, about 200,000 of which were accessible at any given time....

... Since July, it's been downhill for Storm. That's when antivirus vendors began stepping up their tracking of Storm variants and got a lot better at identifying and cleaning up infected computers, Enright said.

Then on September 11, Microsoft added Storm detection (Microsoft's name for Storm's components is Win32/Nuwar) into its Malicious Software Removal tool, which ships with every Windows system. Overnight, Storm infections dropped by another 20 percent.

Today, Enright said that Storm is about one-tenth of its former size. His most recent data counts 20,000 infected PCs available at any one time, out of a total network of about 160,000 computers. "The size of the network has been falling pretty rapidly and pretty consistently," he said.

Still, Storm has had a remarkably successful run. It's called Storm because it first popped up in mid-January in spam e-mails that offered late-breaking information on powerful storms that had been battering Europe. Users who clicked on the "Full Story.exe" or "Video.exe" attachments that accompanied the spam were infected by malicious software, making them part of the Storm network.

These machines were then used to send out more spam and launch attacks against other computers. The recent MP3 stock spam that was first spotted earlier this week was sent out by the Storm network, Enright said.

Storm was effective because its creators were really good at creating messages that victims would feel compelled to click, Enright said. In its first few days, it managed to infect more than 300,000 computers, making it the worst malware outbreak since 2005. Its creators have since been masters at creating timely messages for their spam and have also had success getting victims to click on fake e-greeting cards.

The Storm network itself is constantly changing, and has used a variety of technologies that have made it an interesting phenomenon to study. In addition to the peer to peer network, it has used rootkit software to disguise its presence on the PC and a server-switching technique called "fast-flux," which makes the Storm servers harder to find on the network.

It's also developed some interesting ways of keeping researchers like Enright at bay. "If you're a researcher and you hit the pages hosting the malware too much... there is an automated process that automatically launches a denial of service [attack] against you," he said. This attack, which floods the victim's computer with a deluge of Internet traffic, knocked part of the UC San Diego network offline when it first struck.

Lately Storm has been responsible for a large quantity of "pump and dump" spam, which tries to temporarily boost the price of penny stocks. But one area that does not seem to be of interest to Storm's creators is identity theft. "Believe it or not, credit card numbers aren't worth that much money," Enright said. "It's much better to make money... via pump and dump."
It's particularly interesting that credit card numbers aren't worth stealing. Is it because there's a glut of numbers on the market, or is identify theft becoming harder?

I'm also impressed that Microsoft could knock 20% of the Storm bots offline with a single update.

Overall, this is very encouraging news. I wonder how profitable the Storm Worm really was. If these pump and dump schemes really worked that speculator behavior would come to neutralize them. (Speculators detecting early versions of the email could preempt the strategy of the scheme owner.)

Hornby on the history of Palm

Tom Hornby has written the Early History of Palm. I remember GRiD, the Zoomer and GeoWorks (wonderful software OS), but I didn't know of Hawkins role in those products.

I'm most interested in the essays to come. Will Hornby identify the critical role of Outlook's data model, and the dominance of Exchange server, in killing the Palm?

Friday, October 19, 2007

OS X 10.5 and MacTel: what the Firefox bug list tells us

Firefox has been updated for 10.5. The list iof what doesn't work in 10.5, and even in 10.4, is an interesting example of how long it's going to take to finish the Intel transition
Mozilla Firefox 2.0.0.8 Release Notes

* On OS X 10.5 (Leopard), there are known problems with some media plugins as well as Add-ons that contain binary components. Also, the tabs in Preferences > Advanced will not render properly.
* The "Close Other Tabs" action on the shortcut menu of a tab can fail with an error when more than 20 tabs are open.
* Some users have reported problems viewing Macromedia Flash content on Intel Mac computers. To work around this problem, users can remove or move the PowerPC version of "Flash Player Enabler.plugin from /Library/Internet Plug-Ins.
* Java does not run on Intel Core processors under Rosetta.
* There is no Talkback on Intel-based Macs when running natively or under Rosetta. The Apple Crash report program should launch in the event of application crashes.
OS X 10.5 radically changed the graphics layer, so we should expect lots of rendering issues for some time. I suspect that Safari 3.0 will be a better choice on 10.5 that Firefox until Firefox 3.0 comes out. That should end the Rosetta dependence too.

Interesting note on Java. Client side Java is now hopping along on one leg ....