My printer can beat up your printer

November 4, 2007 | 2 Comments

Another notch on the lameness post, I’m totally stoked about the printer I bought. I selected the Brother MFC-9440CN based on excellent reviews and a price that was somewhat palatable. I have big ambitions of going paperless and our old printer had churned its last page*. I’ll try not to bore you with my requirements but I wanted an all-in-one print/fax/scan that did color laser output. After much research I had made my choice and ordered from  Newegg.

Now, after having set up the basic printing functionality on Leigha’s computer and my own I’m playing with the other features and this thing does so much more than advertised. That’s right, my printer can generate CSRs. I’ve worked on printers that had shell access but I thought that was reserved for the high end office printers; not anymore. Also, one of my personal favorite device features: email me when something goes wrong. It can also scan documents to an FTP server (in this case the NAS) which combined with the auto-document feeder can seriously move the needle on my paperless goal.

* The old printer was a good and trusty friend. I bought it when I first moved to Virginia in 2000 for $200 off Ebay. At last check it had something north of 150k pagecount. You’ll be missed Laserjet 4 Si MX (but not for your loudness, weight, or light-dimming power draw)!


Learning The Hard Way

November 2, 2007 | 3 Comments

When my role changed from developing to architecting I put a fair amount of thought into what I thought would make a good architect. My goal was instead of saying something was impossible to explain to the business folk what it would cost them in terms of money, people, and trade-offs. The philosophy is that technology should not be a barrier to the products and experiences that the business wants to create.

I’ve now come to a point where either I am completely incapable of articulating costs, or the business folks just don’t care or believe me. It is not a fun position to be in to explain to someone “doing X means horrible thing Y occurs” and they choose X anyway. If Y has no direct impact on the individual’s goals then it is understandable why they might want to proceed anyway. The typical case for this is when the technology is not designed to deliver the experience the product needs, which leaves me in a tough spot. We either:

  1. pay the (often prohibitive) cost of doing it correctly
  2. cram the square peg in the round hole
  3. come to a compromise
  4. don’t do it

The first two are (by the philosophy) successes, while options 2 and 3 are the more popular choices. Option 2 has costs as well, but they are the external types of costs I described above: the code becomes unmaintainable; the ability to deliver features will slow to a crawl; the complexity will eat us alive.

On the other hand, is there a practical difference between saying “that’s impossible” and proposing consequences of proceeding so dire that no reasonable person would proceed? It seems like the former would be significantly less frustrating and yield better results, but shameful at the same time.

This post is brought to you by late night rambling and sleep deprivation


Google Desktop < Spotlight

October 26, 2007 | Comments Off

When I migrated to the Mac I reflexively installed Google Desktop Search, because it just works so nicely on Windows. After literally months of moaning and suffering and people reminding me gently that this feature is built in, I tried Spotlight. It works just as nicely as GDS did on the PC. Google: GDS on my Mac crashes constantly. Not impressed.


How Linux on the desktop could possibly win

October 24, 2007 | 1 Comment

Previuosly I wrote about how Linux on the desktop doesn’t get much respect because it doesn’t deserve much respect. However, as I was writing the post something occurred to me. The only way Linux on the desktop would become viable is if enough mainstream applications move to the web. I was reminded of this the other day when I saw this Slashdot story about Adobe putting all of their applications online.

For example, Photoshop will never come to Linux, almost guaranteed. However, Adobe is porting Photoshop as a web application. GNUCash will never rival Quicken or Microsoft Money. Ever. However, Wesabe could be a very viable alternative for users. It’s not worth companies investing money into Linux applications when there are no Linux users (chicken and egg). However, if enough web applications become the de-facto standard for their vertical, you reduce the friction of moving from one OS to another, and this may lead to some slow growth of Linux desktops for certain segments, but that’s a big if and a big maybe.


Turning cursor visible in Terminal.app

October 10, 2007 | Comments Off

This is a quick tip. Since switching to Mac, one of the minor annoyances was that when my ssh sessions were terminated when I was running an application that disabled the cusors (usually mutt), I would be stuck without a cursor. I expiremented with stty and tset for a while until I ended up with old trusty escape codes. I created a shell function called ‘ssh‘ that looks like this:

function ssh { /usr/bin/ssh $*; echo -n '^[[?25h'; }

The trick is to make sure the “^[” is an escape character. Put vim into insert-mode, hit CTRL-V, escape where that character is supposed to be.


Writing Your Pin (kinda-securely)

October 8, 2007 | Comments Off

The following is a description of a simple technique my parents taught me to encode a PIN directoy on a card and have it only be usable by you. The technique involves choosing a 10-letter key, for our example let’s say our key is “subverting”. Then you taken your pin and do a letter substituion based on position: if our pin is 4321, the encoded string is “vbus” and you can write that on your credit card. It’s probably easier to treat a 0 in your PIN as position 10 unless you’re a programmer. You can use the same key repeatedly with relative security. Of course if your secret is compromised all your PINs are compromised. If a PIN is compromised it would simplify discovering the key. I think this technique is fairly secure (i.e., secure enough), the biggest weakness I can think of is that you narrowing the keyspace down. In our case it’s reasonable to determine that there are no duplicates and thus reduce the keyspace from 10^4 to 10*9*8*7 which is about 50%. It gets worse if you have a duplicate number (e.g., 4232) the keyspace becomes 10*9*8*3 which is a 78% reduction in keyspace. Clearly: don’t repeat a number in your PIN.

The next problem is coming up with a key (it can’t have any letters more than once). It’s actually a kind of fun mental exercise. In the 10-15 minutes I was thinking of this article I only came up with a couple. However, given a dictionary it’s fairly easy to find 10-letter words that meet the criteria. Here’s the code I came up with:


perl -lne 'next unless(length == 10 and !/\W/); $a = join("", sort split(//, lc)); $a =~ tr/[a-z]//s; print if(length($_) == length($a))' /usr/share/dict/words

Where /usr/share/dict/words is your dictionary. My dictionary had 392 of such words, and you can also do 2-word combinations (e.g., “dutchovens”) but those are harder to come up with.

I should also add that it is possible to extend the cipher to be more complex/secure but the idea is to make it simple enough to translate from letters to numbers to liberate you from using the same PIN for everything. Also, here is a related to story on why banking PINs are 4 digits [via Bruce Schneier].


Anniversary Weekend

October 1, 2007 | 1 Comment

This weekend was our first wedding anniversary and we celebrated on the beach. Leigha’s mom volunteered to watch Anna for the weekend, so we accepted her offer to spend some time by ourselves. We explored the options, we considered New York City, but there was too much to do in too little time. Instead we decided to go to Virginia Beach. Ideally it would be quiet and uncrowded and low-key. Saturday morning we did some last minute packing, loaded up the convertible and hit the road around 9am. We were in no rush to get there so we stopped and had lunch along the way. We checked into the hotel around 2 or 3pm and went to explore the beach.

Continue reading Anniversary Weekend…


Life Copies Art: Discover Card Watches “Office Space”

August 26, 2007 | Comments Off

I am just doing my weekly mail/bill review and I get a nice note from Discover Card (which I only rarely use) telling me about changes to my agreement. A rough look says nothing is in favor of the consumer. But this is the gem that prompted me to write this blog entry:

We are changing how we determine your Cashback Bonus. When we calculate your Cashback BOnus at the end of each billing period, we will round down to the nearest cent, rather than rounding to the nearest cent.

I believe I saw this scheme in Office Space. I believe it ended up with building being burnt down. Most of the other changes in the agreement are equally shameful and one-sided. The late fee now depends on your balance. If it’s less than $250, your late feel is $19, otherwise $39.

I don’t particularly care. I carry it for the same reason I carry Visa. There do exist places that only take Discover (interestingly, City of Arlington is one of these). I also use these when I need to make a set of purchases I want to track separately. If I go on vacation or a business trip, I’ll (try to) use only my Discover Card. That way at the end it’s easy to see how much I spent without doing special tracking.


My approach to commenting

August 13, 2007 | Comments Off

I’ve previously discussed how I don’t really get what comment spam is supposed to accomplish. I wanted to document how I configured WordPress to let good comments through and keep bad comments out. The “trick” to realize that most commenters don’t usually leave links. To that end I’ve configured this website to allow comments without links through without moderation. All other comments must be approved. And of course, I use Akismet which is great. In total I think maybe two or three spam comments enter the moderation queue every month. And non-spam comments never have, but then again, how many comments have been left? (Answer: 21!)

The setting is simple. Under “Options / Discussion” I’ve set it to e-mail me on all comments and e-mail me when there’s a comment held for moderation. I leave all three of the “Before a comment appears…” checkboxes blank, along with the blacklist box. Finally, and most importantly, I put a “1″ in the box for “Hold for modeartion if a comment as [ 1 ] or more links.”

That’s it. I’m sure this is earth shattering. Enjoy.


Vonage Voicemail Transcription Hilarity

August 11, 2007 | 2 Comments

I had in my queue a post celebrating Vonage for their voicemail transcription service. This is actually a pretty clever idea and very useful. The idea is to save me a call and some button pushes or a few mouse clicks (I already get voicemail as an email with .wav attachment), but when I already know who called and when (from the email) the extra step of actually listening seems tedious and redunant. That’s what I had *planned* to do. The service worked great for a few weeks, but clearly the original trained foreign labor has been replaced either with machines or untrained foreign labor. I’m considering posting these transcriptions weekly because they make me angry and laugh at the same time. I’ve already communicated this to Vonage, but they replied with a nigerian-spam looking email asking me they’d love to help me if I just provide the following details …

(I’m not making that up).

So first, let’s seem some of these hilarious feats of English:

“Hey. It’s ethnic i think you know. if she’s also going to come over tomorrow between wanting to. And she’s going to be. Bringing you to call. Bottom baked beans. And i’m going to bring it. Either tennis out led by process out. So i think so much for everybody has crashed your house. And You know crash a pool party. What i. Hope you have a wonderful day. In the c my. Bye spice.”

That’s probably the best one so far.

“(Elias?), it’s (Erin?). It’s about 7:15. Was trying to phone call. Where do we get this? Give me a call. I’m on my way to my mom’s, but I self service majority of the way. So, just (??) to you. All right. Bye.”

My hobby is coming up with elaborate scenarios under which someone might leave a message like the following:

“Hey staff i was just calling. I’m i was on the other line area and i can get over. talking enterprise so.”

Finally, I’ll include the Nigerian spam I mentioned. Now, for bonus amusement I add the following: I sent this email from my account control panel after having logged in.

I received your email requesting assistance but I am unable to assist you until I can first validate you are the account holder.

For your protection and to ensure that your account is not compromised, please reply to this email and include the account information listed below. I look forward to your reply so that I can assist you.

[snip]

Account Information Needed:

1. Vonage Account number.
2. Email address registered on the account.
3. Billing address on the account.
4. First and last name on the account.

Who wants to be the one to tell Vonage the if my account was comprimised, asking for this information doesn’t really prove anything? Makes me proud to be a Vonage stockholder! *flush*