It only looks like a bug

I’m flying ATA to Seattle today, so I tried to use their web site to check in. I had some printer trouble while printing boarding passes, so I clicked the “Go Back” button on the boarding pass page. Imagine my surprise when I got someone else’s boarding pass. I immediately pegged it as a session-rollover hole, so I called ’em up and spoke to a helpful lady at their Internet service desk. I followed up with a screenshot showing the other passenger’s boarding pass, and they followed up with a call from their webmaster. It turns out that instead of including a “your session has timed out” page like, oh, 99.8% of other e-commerce sites, they throw up this fake boarding pass. It’s being fixed. I’m glad it was a placeholder and not a real security flaw, and I’m even gladder that they took prompt action to square it away. I hope their IT staff’s attitude is reflective of the flight and cabin crew’s attitude.

Filed under Security

Curse you, IBM!

If I had time, I’d write Sam Palmisano a nasty letter. I don’t, so this will have to suffice. Why in the hell doesn’t the battery for the T20 series ThinkPad fit in the T30? They’re the same size, but there’s a protrusion on the T30 battery that’s not there on the T20. Identical capacity, nearly identical casing– I’m tempted to use a Dremel tool to make it fit. Grrrr.

Filed under Smackdown!

Getting married remotely

Well, this is a new one on me:

Montana is believed to be the only state that allows marriages by proxy without the missing partner being connected to the ceremony by telephone. Texas and Colorado have proxy marriage laws but both states require the missing party to say their vows by telephone.

This is from a story about an Army PFC in Iraq who married a woman in Montana, without actually being present. This gives a whole new meaning to the concept of man-in-the-middle attacks.

Filed under Musings

I can’t believe I ate the whole thing

I’m a Taco Bell junkie. OK, it’s not quite that bad, but I do like the food way out of proportion to its quality. Recently I have discovered the Southwestern Steak Bowl. (Actually, I saw it flash by during a commercial I was skipping while watching 24, so I guess TiVo isn’t the end of ad-supported TV after all.) After my first one, I was hooked– after all, it weighs nearly a pound, and boy does it taste good. I went to the Taco Bell web site to look up nutrition information and found– surprise– nothing! Not being easily discouraged, I filled out their feedback form, and this week I got a nice form letter in the mail, along with a copy of the breakdown. As you can see, this bad boy has almost a whole day’s worth of sodium and half a day’s fat and fiber (not to mention 30% of my vitamin A, 35% of iron, and 20% of calcium). That means I can cut down to two meals a day, perhaps with a little ice cream as a bedtime snack. Top that, Atkins Diet!

Filed under Musings

Free stickers

All right, here’s the link: Stickers For Hackers. Now please send me my free sticker. (Hat tip: J-Dawg.)

Filed under General Tech Stuff

TV Land, part 3

The cable guy came today. Remarkably, my appointment time was between noon and 5pm, and he showed up at 12:00 on the nose. Too bad I was at Rotary. After 45 minutes or so of head-scratching, cable-swapping, and complaining about how complicated my setup is, he isolated the problem: the satellite installer used diplexers to save himself from having to run another set of cables. The installer is convinced that the fact that the satellite receiver sends 18V to the LNB is the problem, but I think it’s much more likely that the diplexer sends 2-856MHz to the TV output and 950-2250MHz to the satellite output. The DCT-5100 FAQ says to make sure that you have full 2-1000MHz signal from pedestal to cable box, so I think the diplexer’s bandwidth is at fault. To fix it, I’ll have to run another cable through the basement, then add a port to the wallplate so that I have a clean run from the cable service entrance to the box.
I must say that the Discovery HD picture was stunning, for the few minutes I got to see it while installer-man was doing his thing.

Filed under HDTV and Home Theater

TV Land, part 2

So far, I’ve learned a number of things about HDTV. First, if you watch a crappy movie in HD, it’s still crappy. (Disclaimer: I didn’t watch the whole thing). Second, for some reason the HD signal from the local CBS affiliate isn’t showing up as HD here; when I tune in something that is supposed to be HD, it’s still 4:3. Third, and worst, I’m still not getting a watchable picture on Discovery or HBO. It may be that the splitter is at fault, or it may be a bad box; a Buckeye tech is due out tomorrow to check.
The bigger issue: Buckeye is going to require subscribers to buy a box; they’re not going to rent or lease them. In that case, I almost certainly will buy an over-the-air and satellite tuner combination instead– that way, I can be guaranteed that they can go where I do, and I’ll get more channels.

Filed under HDTV and Home Theater

Three things you should read

A hat tip to an (unnamed) pal at Microsoft, who sent me (working) links for three useful documents:

Filed under General Stuff

TechEd 2003 right around the corner

TechEd 2003 is right around the corner. In addition to my session, there are a number of other useful sessions that security-minded folks should consider:

  • Mortimore, SEC301, Best Practices for Security and Patch Management (Arena, Monday, 1330-1445)
  • Attwell, MSG328, Reducing Spam with Exchange Server 2003 and Outlook 2003 (Ballroom C1/2, Tuesday, 1045-1200)
  • Riley, SEC304, Enhancing Exchange, OWA, and IIS Security with ISA Server Feature Pack 1 (Arena, Tuesday, 1045-1200)
  • Morris, MSG329, Controlling Viruses with Exchange Server and Outlook (D171/D173, Thursday, 1700-1815)
  • Riley, SEC499, IPSec Internals and Implementation Examples (Arena, Friday, 1300-1415)
  • Batthish, MSG345, Deploying OWA and FE/BE Topologies for Client Access (Ballroom C1/2, Thursday, 1330-1445)
  • Riley, MSG308, Secure Access to Exchange From the Internet (Ballroom C1/2, Wednesday, 1700-1815)

I won’t be able to attend all of these, but I always make it a point to hit Steve Riley’s presentations, and if you’re interested in baseline security and patch management, Mark Mortimore’s session is a must-attend too.

Filed under General Stuff, Musings

TV Land, part 1

If you don’t like boring technical details, you may as well stop reading now. Go here instead.
I just bought a Samsung TXM3097WHF TV. It’s a 30″ widescreen, one step up from the low-end 3096WHF that Best Buy sells. This particular model adds 3:2 pulldown and a two-tuner picture-in-picture circuit to the base model, and I lucked into one for $792 at Sears– about $300 off the best normal price. Of course, I got a floor model, and it’s been discontinued by Samsung, but it met my objective of providing an inexpensive widescreen HD set. (The nearest model I could find that didn’t say “Samsung” on the front is an $1800 Toshiba 34″ widescreen, so I’m prepared to put up with a lot for the $1000 savings.)
Problem #1 is that the TV is too wide to fit in the entertainment center– the flare at the back of the case is about 1 1/4″ too wide for the precut opening. A little saw work will fix that right up, as soon as I get some saw blades.
Problem #2: the TV has two component inputs, which is great. It also has two RCA-style inputs. However, you can’t use all four at the same time. Oops. Somehow Samsung forgot to mention this in their marketing literature.
Problem #3: there’s one S-Video input, and it’s on the side panel. I knew about this one ahead of time, but it’s still aggravating, since the TiVo and VCR are both fed to the TV via the receiver’s S-Video out.
Problem #4: the TV uses two separate buttons to cycle between the inputs. Button 1 goes RF->component1->component2; button 2 goes RF->RCA1->RCA2->S-Video. That makes switching (say) from DVD to TiVo a finger-stretching exercise not unlike a concert pianist’s warmup.
However, for $1000 in my pocket, I’m prepared to put up with a lot. (After all, I’m getting off much easier than this guy did.)
The HDTV feed installation went well, since I did all of it. The installer had 15 minutes of training on the DCT-5100 cable box this morning, before his first install. He’d never seen a component video cable or optical SPDIF, and he was leery of disturbing any of my wiring. I ended up doing the work while he struggled with Buckeye’s call center to get my box authorized. After a three-hour wait, I can now receive two of the four HD channels: Showtime-HD (currently showing a 4:3 movie) and WTOL-DT (currently showing Oprah, which is bad enough in standard definition.) No Discovery Channel or HBO yet, which is too bad; it looks like there’s some good stuff on later tonight. More when I have time to dig into the stack of paper the installer left, much less actually watch something in HD. It’s hard to imagine that I’ll want to watch anything on CBS, but hey, maybe I will.

Filed under HDTV and Home Theater

FUD and Linux

Jeremy points to a Bruce Perens article which more or less accuses Microsoft of being the puppetmaster behind the whole SCO-Linux mess. Josh Allen has a great rebuttal that correctly points out that a conspiracy in this case is, ahem, unlikely. That’s all I have to say about that.
Well, OK, not really. I have to admit that I got a kick out of Eric Raymond’s contention (see page 2 of the story) that the Linux gang is the “principal source of innovation in software”. They’re busy ripping off copying reinventing every feature they can grab from vendors as diverse as MS, Apple, and Opera (not to mention Sun and Palm). I have yet to see anything as innovative from Linux as any of the following: auto-discovery of WiFi networks (Win XP), Quartz compositing (Mac OS X), browser-based S/MIME email (Exchange 2003), complete support for FireWire 800 (Apple), support for IP over FireWire (Apple, Microsoft, and some other third-party ISVs)… I could probably think of some others, but I have real work to do.

Filed under Smackdown!

The perfect day?

So, here’s a breakdown of yesterday:

Activity Score
Yardwork +5
  Just because I wanted to +25
Trip to Lowe’s +10
  And buying something +20
  It was lumber +50
More yardwork +0
  Using concrete +25
  And a saw +100
Hanging out with Tim +50
  While using power tools +125
Dinner +10
  It was gumbo +25
  For the 2nd night in a row +50

In the morning, Thomas and I dug up a bunch of, well, crap from the front beds. I then dug up a couple of dead bushes in the back yard, then watched Thomas cut down a tree that had grown into the fence. We went to Lowe’s to buy lumber, concrete, swingset parts, and other essentials; when we came home, I took down about 20 feet of old side-yard fencing, with lots of help from Tim. Tim and I reset two fenceposts and fixed a sagging section of fence, then I dug up some more crap while Tim made a custom fencepost to replace one that had rotted. We reset that too (so much for the rest of the concrete), then made a huge run to the dump. Then gumbo, after which came the Great TV Adventure, about which more later.

Filed under Friends & Family

If you need me, I’ll be on the sofa watching TV

Next Tuesday, the installoid is coming to put in my HDTV box. The local provider has HBO, Showtime, Discovery HD, and the local CBS affiliate. This is kind of disappointing; I don’t watch anything on CBS, so I’d much rather have ABC and Fox. Supposedly, they’re coming soon, along with ESPN-HD. (However, ESPN is broadcasting in 720p, and I am too cheap to buy a 720p TV at this stage of HD’s maturity, so when I do get it it’ll be upconverted to 1080i).
Because this is just a test, it’s too early to tell how much Buckeye will charge, what other channels they add, and so on. I figure that if I really like the HD content, I’ll be better able to stomach buying an over-the-air tuner for local channels and an HD-capable satellite receiver. Then again, maybe not. I also have to budget for a progressive-scan DVD player; my three-year-old Zenith 2550 has component out, but no p-scan. I need to find someone with a p-scan player and a conventional TV and horse trade with them, probably.

Filed under Uncategorized

Build your own safety sign

This has many cool applications. I don’t know what they are, though.

Filed under General Tech Stuff

If the shoe fits…

My old tennis shoes have been getting a bit ratty, so I thought I’d pop over to Amazon and order some new ones. This has two benefits: I get a small kickback, and I avoid having to go out and waste time actually looking for shoes. However, there’s a slight problem: they don’t actually have any shoes in my size. I could understand if they only had ugly shoes in size 13, but c’mon… even the fugly ones top out at size 11 or so. I guess I should be happy that their real-time database integration shows exactly which sizes they have in stock, but it’s still disappointing that I am now condemned to visit Shoe Carnival or the equivalent.

Filed under Musings