The previous month is:
The next month is:
2 January 2004
Dear god, what has Peter Jackson done?
I’m all for popularizing the Lord of the Rings, but I never thought that it would involve Barbie and Ken as Arwen and Aragorn:
I think I need to go lie down now.
For the bookmarks file: The Art of the Apology.
3 January 2004
Network reference: cornerhost server fingerprints.
5 January 2004
- Don’t use “reply to all” when responding to email. Abide by the good old “need to know” principle that’s so beloved by the military and send follow-up messages only to those people who will actually benefit from the reply.
- Write informative subject lines for your email messages. Assume that the recipient is too busy to open messages with lame titles like “hi.”
- Create a special email address for personal messages and newsletters. Only check this account once per day. (If you’re geekly enough to master filtering, use filters to sort and prioritize your email. Unfortunately, this is currently too difficult for average users.)
- Write short. J. K. Rowling is not a good role model for email writers.
Way cool - Images of Mars and All Available Satellites:
6 January 2004
While the nation was distracted last month by images of Saddam Hussein’s spider hole and dental exam, President George W. Bush quietly signed into law a new bill that gives the FBI increased surveillance powers and dramatically expands the reach of the USA Patriot Act.
The Intelligence Authorization Act for Fiscal Year 2004 grants the FBI unprecedented power to obtain records from financial institutions without requiring permission from a judge.
Under the law, the FBI does not need to seek a court order to access such records, nor does it need to prove just cause.
Previously, under the Patriot Act, the FBI had to submit subpoena requests to a federal judge. Intelligence agencies and the Treasury Department, however, could obtain some financial data from banks, credit unions and other financial institutions without a court order or grand jury subpoena if they had the approval of a senior government official.
The new law (see Section 374 of the act), however, lets the FBI acquire these records through an administrative procedure whereby an FBI field agent simply drafts a so-called national security letter stating the information is relevant to a national security investigation.
And the law broadens the definition of “financial institution” to include such businesses as insurance companies, travel agencies, real estate agents, stockbrokers, the U.S. Postal Service and even jewelry stores, casinos and car dealerships.
7 January 2004
9 January 2004
I really have begun to hate IM. More specifically, I’ve come to hate the IM networks - Yahoo, MSN, and AOL.
Why? Because they keep changing their protocols and breaking third-party clients. I’m not going to argue that they don’t have the right to do it - they do - but I don’t have to like that they do it.
See, my company uses AIM. Another company I work with uses Yahoo Messenger. Other companies I’ve worked for have used ICQ, and most of my family uses MSN.
Except, of course, my sister, who uses Jabber, because she’s cool. Jabber doesn’t change. Why? Jabber is an open-source, standardized rock. That’s why.
So to keep up with all of this I use Trillian at work and Gaim at home to connect to all these networks, partly because I don’t want to run 6 different programs for something I don’t even really like, and partly because some of those networks don’t have Linux clients. (C’mon, MSN! You can do it!)
This setup works okay, but not great. I usually don’t have to think about it too much. But every two or three months, somebody does something to fuck it all up. Like Yahoo.
See, in their latest releases they decided to change the login server their service uses from scs.yahoo.com to scs.msg.yahoo.com. They upgraded all their clients and left third-party clients to figure it out on their own. But they didn’t take scs.yahoo.com - they just made it so that it couldn’t communicate with scs.msg.yahoo.com. This meant that for the last week or two, I could see Yahoo users who were using Trillian or Gaim or Fire. But not Yahoo Messenger. Unfortunately, this included all the people who I needed to talk to in the first place, the ones for whom I had legitimate business reasons to IM.
It took me two hours of experimenting last night to figure this out.
Of course, even changing the login server isn’t enough; one has to patch the client, as well.
Thanks, Yahoo. I really fucking appreciate it.
I think my wife has the right idea: only use email, preferably with a mail client that’s at least 15 years old. (She still uses ELM - I’m a heretic - I switched to PINE.)
10 January 2004
Well, I finally got wireless working on Sarantium (my desktop) under Red Hat 9.0 using a Netgear MA301 adapter with a MA401 PCMCIA card. I finally gave up on the GUI, Googled on “netgear MA301 ‘red hat’ linux”, and went for the following:
/sbin/iwconfig eth1 essid NETWORKSSID
/sbin/iwconfig eth1 enc WEPKEY
I then checked in the redhat-config-network gui and - huzzah! - the card was active. Hooray for the command line!
13 January 2004
My wife is truly cruel. She sends me links to The Encyclopedia of Arda whilst I’m at work.
Argh! The temptation is too much for me!
14 January 2004
So, I’ve been watching the Adobe Photoshop’s currency filter brujahah with some surprise. Reading this Wired article, there’s something that I thought would raise much, much more outcry than it has - Adobe admits to putting code that they don’t know what it does into their products. Forget copying money - I don’t have any desire to do that. But running code that hasn’t even been checked by the vendor?
This is supposed to make me want to use their products?
Never upgrade old copy of Photoshop: check.
The hymn is nowhere translated in LotR, except for the words galadhremmin Ennorath that are interpreted “tree-woven lands of Middle-earth” in the second footnote in Appendix E. However, Tolkien provided a translation of this song in RGEO:72, followed by some illuminating comments. This is the main source for this article.
The hymn to Elbereth (that in RGEO:70 has a Tengwar superscript Aerlinn in Edhil o Imladris, *”Hymn of the Elves of Rivendell”):
A Elbereth Gilthoniel,
O Elbereth Star-kindler
silivren penna míriel
(white) glittering slants down sparkling like jewels
o menel aglar elenath!
from [the] firmament [the] glory [of] the star-host!
To-remote distance far-having gazed
o galadhremmin ennorath,
from [the] tree-tangled middle-lands,
Fanuilos, le linnathon
Fanuilos, to thee I will chant
nef aear, sí nef aearon!
on this side of ocean, here on this side of the Great Ocean!
In RGEO, Tolkien compared this hymn to the invocation uttered by Sam “speaking in tongues” in Cirith Ungol (LotR2/IV ch. 10: “then his tongue was loosed and his voice cried in a language which he did not know”…). We follow his example and will analyze this short utterance here as well. Notes Tolkien in Letters:278, “Though it is, of course, in the style and metre of the hymn-fragment [A Elbereth Gilthoniel], I think it is composed or inspired for his [Sam’s] particular situation”.
A Elbereth Gilthoniel o menel palan-diriel, le nallon
O Elbereth Starkindler from firmanent gazing afar, to thee I cry
sí di-nguruthos! A tiro nin, Fanuilos!
here beneath death-horror! O look towards me, Everwhite!
Tolkien’s own translation of these texts (rather free and florid):
[The hymn:] “O! Elbereth who lit the stars, from glittering crystal slanting falls with light like jewels from heaven on high the glory of the starry host. To lands remote I have looked afar, and now to thee, Fanuilos, bright spirit clothed in ever-white, I here will sing beyond the Sea, beyond the wide and sundering Sea.”
[Sam’s invocation:] “O! Queen who kindled star on star, white-robed from heaven gazing far, here overwhelmed in dread of Death I cry: O guard me, Elbereth!” Another translation, more literal, is given in Letters:278: “O Elbereth Starkindler from heaven gazing-afar, to thee I cry now in the shadow of (the fear of) death. O look towards me, Everwhite.”
15 January 2004
Tuesday’s edition of Microsoft’s monthly bundle of security advisories features an omission that should keep online fraud artists and identity thieves happy: over one month after its discovery, there is no official patch available for a bug in Internet Explorer that lets swindlers pass off counterfeit websites as the real thing.
The bug, publicly detailed on December 9th by “Zap the Dingbat,” is an easily exploited flaw in the way Internet Explorer displays URLs in the address bar: it turns out the browser is incapable of displaying the special character “%01,” or anything following it, in a Web address.
That simple gaffe is tailor-made for the devious online swindle called “phishing,” in which a fraudster spams the Internet with e-mail purporting to be from a reputable financial institution or e-commerce site, and urging the recipient to click on an included link to update their personal profile or carry out some transaction. The link takes the victim to a fake website designed — with increasing sophistication — to look like the real deal, but where any personal or financial information entered is routed directly to the scammer.
Experts have traditionally advised consumers to avoid these scams by carefully checking the address bar in their browser window to verify that they’re actually on citibank.com, for example, before entering their password or account information. But the IE bug makes that advice obsolete: combined with URL obfuscation techniques already well known to phishers, IE helpfully transforms a clumsy fake like “email@example.com/login/login.htm” into the flawless counterfeit “www.citibank.com.”
16 January 2004
19 January 2004
From a friend:
“The American Family Association is conducting a poll on support/opposition for gay marriage. Expecting a result that favors their pro-family position, they say they will present their results to Congress.”
“I don’t think they were anticipating your vote.”
20 January 2004
This morning’s news:
- new windows worm spreading all over the world (I had about 30 worm messages in my spam folder today, so *thats* what that particular exe does - thank goodness I read my mail on a UNIX box),
- Enterprise executves worried about getting renewed (but at least the current episodes are on the torrent),
- and 147 new emails in my work inbox (an inbox which actually gets no spam, surprisingly enough.)
I love three-day weekends.
Cingular Wireless has made a formal all-cash offer to acquire AT&T Wireless in a deal that would create the nation’s largest cell phone carrier, according to sources close to the deal.
22 January 2004
“We’re very concerned that the traditional state of marriage is under threat in our country by homosexual activists,” said AFA representative Buddy Smith. “It just so happens that homosexual activist groups around the country got a hold of the poll — it was forwarded to them — and they decided to have a little fun, and turn their organizations around the country (onto) the poll to try to cause it to represent something other than what we wanted it to. And so far, they succeeded with that.”
Of course, no such poll can be said to represent an accurate picture of popular opinion. But, clearly, the AFA had hoped Congress would take the numbers it planned to produce as exactly that kind of evidence.
Now, Smith says, his organization has had to abandon its goal of taking the poll to Capitol Hill.
“We made the decision early on not to do that,” Smith admitted, “because of how, as I say, the homosexual activists around the country have done their number on it.”
Just to be clear, Mr. Smith, I’m not a homosexual activist. I’m no activist at all. I’m just someone who doesn’t like it when people use statistics to lie. You had a poll, open to all. I voted. Next time, say “this poll is for AFA members only.”
Or better yet, just make up the numbers. It would be more honest.
25 January 2004
From Animal Planet this evening: Vital Ground.
26 January 2004
Hysterically funny: 5ives.
29 January 2004
Five words I’d like to hear the Pope use in everyday conversation
German-owned cellphone group T-Mobile is to sell its 50% stake in UK mobile phone joint venture Virgin Mobile, paving the way for a flotation.
The Deutsche-Telekom arm will surrender its Virgin Mobile holding to Virgin Group, ending a long-running legal row between the two partners.
More reasons to not use Internet Explorer — Microsoft recommends you type URLs, not click on them.
No, seriously: see Microsoft Technote #833786:
SUMMARYWhen you point to a hyperlink in Microsoft Internet Explorer, Microsoft Outlook Express, or Microsoft Outlook, the address of the Web site typically appears in the Status bar at the bottom of the window. After you click a link that opens in Internet Explorer, the address of the Web site typically appears in the Internet Explorer Address bar, and the title of the Web page typically appears in the Title bar of the window.
However, a malicious user could create a link to a deceptive (spoofed) Web site that displays the address, or URL, to a legitimate Web site in the Status bar, Address bar, and Title bar. This article describes steps that you can take to help mitigate this issue and to help you to identify a deceptive (spoofed) Web site or URL.
MORE INFORMATIONThis article discusses steps you can take to help protect yourself from spoofed Web sites. To summarize, these steps are:
- Verify that there is a lock icon in the lower right Status bar and verify the name of the server that provides the page that you are viewing before you type any personal or sensitive information.
- Do not click any hyperlinks that you do not trust. Type them in the Address bar yourself.
Things that you can do to help protect yourself from malicious hyperlinks.
The most effective step that you can take to help protect yourself from malicious hyperlinks is not to click them. Rather, type the URL of your intended destination in the address bar yourself. By manually typing the URL in the address bar, you can verify the information that Internet Explorer uses to access the destination Web site. To do so, type the URL in the Address bar, and then press ENTER.
Useful windows utility: TheOpenCD - Verifying files with md5sum.exe.