and I donated to SixApart/MovableType for what?

Movable Type’s Spam Hole | Metafilter

Movable Type 2.64 contains a major vulnerability to spammers. The spam hole, which exists in all versions of the program downloaded before November 26, centers around the mt-send-entry.cgi script, which can be co-opted by spammers who then use your domain and resources to do their dirty work. Users are encouraged to download and install the new “secured” version of mt-send-entry.cgi or to remove the file from their installation altogether. (If it is not being used, it can be safely deleted without affecting other MT functionality.) The question does arise though, with literally tens of thousands of MT users affected by this vulnerability, why didn’t anyone at Six Apart think that this news warranted an announcement anywhere beyond the Movable Type news blog?

A lively thread ensued at MetaFilter, but the bottom line for me is, a. they asked me to sign up to a mailing list which would be where I would expect to see information like this and b. I also donated to SixApart which I would hope counted as some kind of vote of confidence (in addition to using their stuff for almost 2 years) and that should entitle me to a “heads up” when something like this comes up.

Color me annoyed.

maybe there’s a reason I don’t get the political discourse

Orcinus

One of the important things I learned as a cops-and-courts reporter lo these many years ago was something about crime victims: That they often make themselves vulnerable to violent crimes because they are not prepared to deal with people who are sociopathic, or who exhibit antisocial or narcissistic personality disorders, or in some cases outright psychoses. That they project their own normalcy onto these other people — they really cannot believe that someone else would act in a way substantially different from their own decent, sane base of operations.

In a way, I think this is a large part of what is happening to our national body politic: People in key positions of media and conservative ideological prominence (Coulter, Limbaugh, even Bill O’Reilly) exhibit multiple symptoms of being pathological sociopaths, either antisocial or narcissistic, or a combination of both. And not only their fellow participants in the conservative movement, but mainstream centrists and even liberals are unable to figure out that there is something seriously wrong with these people because they are projecting their own normalcy onto them. They cannot perceive because they cannot believe — that, above all, these people are not operating within a framework guided by the boundaries of basic decency that restrain most of us.

They are political muggers out of control — and as their rhetoric encourages both the figurative and physical elimination of liberals, they become ever more likely to actually tread into regions of real violence.

Lifted wholesale from Rebecca’s Pocket.

Strong stuff, but worth reading. I found the radio program a few days ago on liberal talk radio so frustrating: it shouldn’t be a race to the bottom. Should it?

On a related note, my wife gave up on reading Al Franken’s book on the right: it was making her too angry to see what they were getting away with. Liberal media, my foot . . .

want a job? ask me about it before you apply

Job Listing

The (heavily revised) listing to fill my old job was just posted this week . . . .

Primary responsibilities. The person in this position will work independently to manage the programs and projects that fulfill the goals of the Shidler Center.

1. Manage finances and seek new funding sources
2. Oversee administration
3. Direct Shidler Center outreach programs to members of the legal and business communities and academic communities
4. Work with student editors of electronic journal
5. Manage Relations with Shidler Center Advisory Board; annual Gala
6. Manage relations with students and faculty
7. Oversee Shidler Center marketing and public relations

I’ve omitted the detail for each numbered item, but I’m struck by how much “managing”, “overseeing” and “directing” there is. I wonder who will actually do all the *work* that needs to be managed, overseen, and directed? Who is going to do the rewriting of letters that no one could be bothered to run through spell-check or even read for clarity? Who is going to read through all the email and write up meeting agendas for weekly staff meetings that no one will adhere to anyway? Who is going to try repeatedly and unsuccessfully to get the administration of this center off of yellow legal pads to something that pays lip service to “law, commerce and technology?” And the description of the position as one where someone will “work independently” is laughable: the successful candidate will be interrupted and harried at every turn by two academics who are unsuited for anything else.

It’s interesting that the very idea of reclassifying/re-defining the position as professional staff or improving the compensation was well nigh impossible not too long ago . . . .

Bah, good luck and good riddance.

Apple hardware innards, illustrated

APPLE MANUALS

I was lucky enough to come across a slot loading CD burner for an iMac — something my iMac lacks — but installing it promises to be a challenge. The iMac is not known for its user-serviceable nature . . . . I’m sure I could get it open but it might not look showroom-new when I got it back together.

But a quick Google search turned up this fantastic and comprehensive resource of “take apart” guides. The one for my particular iMac is 400+ pages and chock full o’ pictures and detailed instructions. I feel my anxiety melting away . . . .

A great way to get a look at the inside of the Xserve or other desirable hardware . . . . .

the Soviets, er, Russians are coming

DEAN: Iran is a more complex problem because the problem support as clearly verifiable as it is in North Korea. Also, we have less-fewer levers much the key, I believe, to Iran is pressure through the Soviet Union. The Soviet Union is supplying much of the equipment that Iran, I believe, most likely is using to set itself along the path of developing nuclear weapons. We need to use that leverage with the Soviet Union and it may require us to buying the equipment the Soviet Union was ultimately going to sell to Iran to prevent Iran from them developing nuclear weapons. That is also a country that must not be allowed to develop nuclear weapons much the key to all this is foresight. Let’s act now so we don’t have to have a confrontation which may result in force, which would be very disastrous in the case of North Korea and might be disastrous in the case of Iran.

If it was a momentary goof, I’d be OK with this, but three occurrences in a single answer, when he referred to the former Soviet Union previously, is too much.

From MetaFilter . . .

using apt as an option

Well, fink continually fails to install xfree86-*, as it turns out.
mkdir -p /sw/src/root-xfree86-rootless-4.2.0-12/DEBIAN
install -d -m 755 /sw/src/root-xfree86-rootless-4.2.0-12/sw/..
mv /sw/src/root-xfree86-base-4.2.0-12/sw/../Applications /sw/src/root-xfree86-rootless-4.2.0-12/sw/../
mv: rename /sw/src/root-xfree86-base-4.2.0-12/sw/../Applications to /sw/src/root-xfree86-rootless-4.2.0-12/sw/..//Applications: No such file or directory
### execution of mv failed, exit code 1
Failed: installing xfree86-rootless-4.2.0-12 failed

Whatever . . . .

building tcltk from source didn’t go so well

[/Developer/Sources/TclTk/tcl/unix]# make TCL_LIBRARY="/System/Library/Tcl/${Version}"
tclsh ./../tools/genStubs.tcl ./../generic \
./../generic/tcl.decls ./../generic/tclInt.decls
make: tclsh: Command not found
make: *** [../generic/tclStubInit.c] Error 127

I’m not sure how the process can invoke tclsh with any hope of it working, since that’s what we’re building.

Perhaps I can just pull this off an OS X 10.1 upgrade CD . . . . .

is the physical database obsolete?

ongoing · Do Databases Suck?

The Moral of the Story: Databases suck. Except when they don’t.

Databases don’t have to suck, but in many cases they do. Depends on how often you end up using the slowest components. Since Tim’s piece mentions bulk-loading as taking a long time, that suggests a lot of disk activity — writing records, updating indices — and that’s a performance killer.

Contrast that with this view:
“I just got a new Mac with two 2-gigahertz processors, 8 gigabytes of memory, and a half a terabyte of internal disk,” [Bill Joy] said, describing his Power Mac G5. “… So you have the ability to hold a huge simulation all in memory — a database becomes a data structure. Add 64-bit computing and I can do breathtaking visualization.”

Not that I want to plug OS X — there are other ways of doing this, of course — but this is reminiscent of the information retrieval startup I was working at 3 years ago (this is memory lane week, apparently. The salient lesson from that experience seems to be that any technology can be misused . . . . ).

RAM is always faster than disk, but more expensive, so in the context of your overall design, you end up with the age-old question: cheap, fast, or good, choose any two.

Going to an in-memory database or some way of scaling up from the limitations of a single box was the way to go. There was a recent article suggesting Google may be hitting the 32-bit limit on article identifiers. I would guess they’re doing some really cool stuff in memory, like sharing cached results and the like.