A Man and his Penguin

Probably in response to the Surf The Channel competition for the person who posts the most links within the competition period, some awesome person has located and posted links for a bunch of the missing episodes of What I Like About You!

There's just one unusual thing. I watched episode 2 of WILAY, which was posted on one of those Chinese video sites. There was a different theme song! Not a bad song by any means, but I mean the show is the name of the usual theme song, so what gives?

Maybe in some countries they couldn't get the copyrights to use the normal theme song, so they had to substitute it.

Once again a good episode, especially because Amanda steps out of a mudbath and her clothes cling to her body :-)

Today I also worked a bit on Massive Burn, and I think I realise now why Blacklight was slow and kept crashing. Design issue, not implementation issue. I'll try switching the threading design and hope it works.

I also went to Joondalup. On a whim, I drove around looking for a nice little park where I once chilled out and read a book. I want to have a quiet place where I can go again. I found it, and discovered that the street actually has some little cafes and other businesses! So I guess it would be nice to go there for lunch or dinner. It's Regents Park Street, Joondalup. My new quiet place.

Other than that, not much to report. I'm feeling a bit lonely lately, and also lacking in self-confidence. I feel depressed about the situation, and don't feel like I can do anything to help myself. I also dislike that I'm not excercising, but I never seem to get around to doing anything before it's time to go to bed. I've also been very tired recently, but I'll try going to bed earlier.

Oh well, all I can do is what I can do. I'll try again tomorrow to get some excercise done, and we'll see about the other thing too.

I've actually created a rickroll myself, just now. I've uploaded it to Youtube and it's still processing.

Next to its icon, it says "Matched third-party content". Clicking the link brings me to a page that says it contains content that is owned by SonyBMG, but that they have allowed distribution of this content in return for being made aware of its ratings and statistics.

So, that gives you some indication of how good Youtube's content detection is (or its Rickroll detection is!) and that SonyBMG doesn't mind the song being used in this way.

Oh, it's a great Rickroll!

I noticed on Surf The Channel that they had a new video - a Doctor Who short that I must say was incredibly boring. I looked in the Related LInks on Youtube and there was an actual news story about the making of the video. I clicked that and found it to be even more boring than the short.

Then in the related links, there was a video called "DAVID TENNANT AND BILLIE PIPER SHAGGING IN THE TARDIS SET". Three and a half minutes long. With a heading like that, how could I resist clicking on it?

-------

I'd been toying with the idea of writing a sort of Hypercard, to enable easy application development. But I've been beaten to it - www.tilestack.com is a free-as-in-beer, web-based Hypercard player and editor. It actually converts the Hypertalk language to Javascript so you can run stacks on any web browser/OS combo that supports Javascript (pretty much anything).

Very cool. It's invitation-only at the moment while they finalise some stuff, but you can request an account with them all the same. I hope to give it a full run-down. They are also talking about it being deployable through Gears too, later down the track - but I guess you could just save the web page?

Microsoft Windows XP (and Vista) have interapplication communication systems - they allow programs to identify and talk to eachother. Very useful. With Vista, Microsoft put in a complex security system that prevents lower privileged programs from talking to higher privileged programs, with the aim that trojans wouldn't be able to gain admin privilege just by talking to admin services.

There was a flaw found in it, but I've heard that it would be a bitch to exploit, and it would require a flaw in the targetted service too.

Mac OS X also has an interapplication communication system called Applescript. You can actually also use it as a scripting language. Applescript has been around since System 7 on the Classic Mac OS, and then for some reason it was shoehorned into OS X (which has a Unix-y security system).

Applescript doesn't take notice of what permissions each program is running with, so any program can communicate with any other Applescript-aware program. This isn't a good thing, but it's not a bad thing. Any program that uses the Cocoa or Carbon APIs is also automatically Applescript-aware with at least a small vocab of commands. This isn't necessarily a bad thing.

One of the Applescript commands available is "run shell script". A program can send an Applescript command to another program, telling it to execute a particular string as a shell script. Pointless? Yes. Useful? No. Dangerous? FUCKING HELL YES IT'S FUCKING DANGEROUS!

Any Cocoa or Carbon program running on your Mac OS X system can tell any other Cocoa or Carbon program running as root to execute a shell script, WITH ROOT PERMISSIONS. This is pretty bad, until you realise that Apple ships a Cocoa program with Mac OS X that is setuid root; in other words, when it runs, it runs as root.

Yes. Any program you run can become root in just one line of easy-to-understand code. Any program you are running that has a remote exploit can run this Applescript code to give a remote attacker access to your entire system.

Oh, this must be a flaw in Unix, right? Wrong. Unix is working perfectly well, it's the overlying operating system that has a bad flaw in its design. Migrating a scripting language designed to run on a single-user system, over to a multi-user Unix system, was just asking for trouble.

This must be a recent problem? No, the basic problem has existed since OS 10.0. Apple has been aware of it for four years. Yeah, but it must be getting fixed for 10.6 Snow Leopard?  No, Apple has shown no interest in fixing either the basic problem (the "run shell script" command) or the immediate problem (shipping a Cocoa program that runs as setuid when it doesn't need to), and it is still present in development builds of 10.6.

THERE IS NO SIMILAR FLAW FOR VISTA. If there are local admin vulnerabilities in Vista, they require a fair bit of knowledge and a fair few lines of code to exploit. Nothing you could accidentally stumble into. But I can see somebody accidentally exploiting the OS X vulnerability when trying to do some Applescripting.

Microsoft's security department absolutely pwns Apple's.

I don't need to worry about it, because I don't use an operating system that's been designed by a monkey and engineered by a git, but if you use Mac OS X you should be afraid. Very afraid. Who knows what other "beige box" vulnerabilities there are yet to be discovered?

Here's just a quick update.

I went over to the person's house and set up her computer. It's got a Pentium D with 2 gigabytes of RAM, so it runs Vista quite well. Once you turn off all the warnings.

I tried to find where to set a 15-minute timeout for UAC, like Sudo, but I honestly could not find where to do it. Some of the help files described options that weren't there either, and the control panels referred to buttons that were actually just items in popup menus.

A bit of a jumble, but I got through it. Vista does feel odd to me, but then I guess XP does too.

My protest against the Beijing Olympics continues, and I'm successfully not standing around watching it when things are slow at work. Apparantly, the girl at the opening ceremony who sang the song was just doing a Milli Vanilli - the real singer was apparantly deemed too ugly to appear. Bloody commies. I also heard that *all* the judges for the shooting were Chinese, and awarded hits to the Chinese shooter when he was actually missing.

I bought a Big Mac today and discovered that it came with a free Coca Cola glass. I thought this was pretty wicked... until I got it home and found the Beijing Olympics logo on the other side of it. I'll still keep it.

My workmate asked me if a particular Pinnacle TV tuner works with Linux, so I did some research and found that it does. Even the remote can be made to work the way it should... or you can pull pranks on someone by reassigning the buttons to different actions like "play fart.wav" or "firefox http://goatse.cz". My workmate put in an order and the stock should be arriving soon. I decided to get one as well, so I've got an excuse to install MythTV. :-)

Guitar Hero? I finished it on Medium, and since then I haven't touched it. I really need games that are not shallow and cannot be completed within 6 hours. Unfortunately, few Wii games seem to have the same depth as something like Bully. I've seen Zelda Twighlight Princess second-hand at my local EB Games and I guess I should get it some time. Not to run Linux or homebrew on my Wii, I swear - just so I can play a game that I won't complete in two days.

Another week, another blog post by somebody who, although probably a nice person, really hasn't taken much time to look at Ubuntu before pronouncing it "Not ready for the desktop".

This week, we have Christaroz.

I was forced to go find and install them myself, which wouldn’t be an issue if Ubuntu made sense when it installed things, but it’ doesn’t, because  programs don’t install into a main folder like they do with Windows.

Why does it matter where the programs get installed to, when they:

a. Appear in your Applications menu
b. Are launchable by typing their name into the Alt-F2 "Run" dialog
c. Disclose their location inside Synaptic, for the people who really really want to look for some unusual reason

I don't know. On Linux, you do not need to know where any programs get installed to. So why complain when, with good reason, they install to locations where other Linux programs can easily find them?

Then there’s customization issue. Windows ships with at least a handful of different themes and backgrounds. Not so with Ubuntu. Want to change a theme? Good luck. Background? No so hard, but you’ll have to find the picture yourself.

Ubuntu ships with a handful of different themes. Here's a list:

1. Clearlooks
2. Human
3. Crux
4. Glider
5. Glossy
6. High Contrast
7. High Contrast (Big Icons)
8. Mist

Windows comes with three - Luna, Olive, and the metal one. Oh, and the Windows 95 theme that is still available in Vista for some reason.

Go to System > Preferences > Appearance and you get a list and sample of them all. Click each one to see it apply in real-time to your desktop. It's not so much "If you want to change a theme, good luck" as "If you want to complain about Linux, good luck trying to claim that theme-changing is hard".

Installing new themes is ridiculously easy, too. Download a theme package to your hard disk. Drag it onto the Appearance window. You're done. You simply cannot get more intuitive than that. For those Windows users who haven't realised you can drag and drop, there's also an "Install Theme..." button in Appearance.

There are only two desktop backgrounds, but you can add more exactly the same as with the themes.

Screen saver? There are several to choose from, but they’re horrible.

I think Windows' preinstalled screensavers are crap too; the guy who wrote "Pipes" must've been smoking a few of them. But if I was to carefully make a case that Windows is a terrible operating system, I wouldn't even mention the preinstalled screensavers. Screensavers are useless these days, and the idea behind the screen-saver is that *it only runs when you're away from your computer*. Who cares what it looks like? Especially since most people just turn off their monitors when they're not in use.

I don't have a lot of objection to the rest of the article, but unfortunately there's not a lot else in the article. I guess it goes to prove my theory: If inconsequential complaints that "xyz is different to Windows" are the worst that these people can come up with, then it truly means that GNU/Linux can be used by all.

Side note: I met a guy on Sunday who tried Ubuntu and then found he didn't like it because - the only reason he gave - "It doesn't open the application menu when you press Windows-Escape". Which apparantly happens on Windows. Sabayon is his favourite Linux distribution for this reason, but he just uses Windows. With the Windows 95 theme. Oh, and he has both a 160 gig Tivo and a 500 gigabyte twin-HD Blu-ray recorder; when I pointed out that the Tivo was redundant, he said that he wanted the Tivo because it gives him suggestions of what to watch. I didn't bother to point out that he doesn't need Blu-ray because his TV is a 51cm CRT...

I changed my system theme from SlicknesS to Human Ultracompact, but I was annoyed that there seemed to be no compact window themes that matched the Human look.

And then I found a marvellous window theme where there is actually no title bar at all! If you take the normal Human window theme and look at how the bottom edge of the window turns out, and then imagine that at the top of the window too, then you've got a pretty good idea of the look.

How do I move windows? Easy - I hold down the Alt key and drag the window itself. How do I close windows, move them to other workspaces or keep them on top? Simple - I either click anywhere on the top edge, or I press Alt-Spacebar, and the window menu pops up where I can perform those tasks.

I love it.

I've also discovered that there seems to be only one program on Linux for simultaneous CD/DVD burning to multiple drives. That program is command-line only and it's a bit of a PITA from my experience; certainly not something I could give to a less-than-experienced colleague who has Linux and will shortly have a second burner.

You can open up two instances of Gnomebaker, but that's clunky.

So I'm going to write a full-featured program for burning ISO disk images to multiple drives simultaneously. You'll be able to set how many copies you want and which burners you want to use, and then it'll just burn through as many discs as you can feed it until the job is done.

Once again I'll use my good friend Pythoncard, with a brief appearance by HAL so my program knows what burners are available and what they're called.

Tonight I'm going to someone's house to set up their Vista computer and install programs as they want. They got given this computer by a family member, which annoys me somewhat - if she had made the decision to get a new computer she would have asked me, and I could have built her one :-(   Oh well, at least I'll get a bit of extra cashflow.

(Yeah, I remembered what I was going to say)

Lately I've been hearing people saying "Ubuntu" and "Linux" the wrong way around - they've been saying things like "I installed Linux Ubuntu yesterday" rather than "Ubuntu Linux".

At first I had no idea why they say it that way around, but I now know.

People think that Linux is the name of a software company, and that the company makes a product called Ubuntu. So they say it the same way as we'd say "Microsoft Windows".

It's getting to epidemic proportions though - an Officeworks ad in the paper very positively advertised the Acer Aspire One, which comes preinstalled with Linux. Great, but it described the machine as having "Linux Linpus" preinstalled.

Linux is not a software company, it is an essential part of an operating system called GNU/Linux. If you're talking about Ubuntu, either call it Ubuntu or call it Ubuntu Linux. I guess the easiest way of explaining it is that it's the Ubuntu variety of Linux, just as you might describe something as a "Lounge Chair" or an "Office Chair". Lounge and Office are the varieties, and Chair is the general object. Well, Ubuntu and Linpus are the varieties, and Linux is the general operating system.

My protest against the Beijing Olympics begins today. Well, tonight, at 8:08pm on the 8th of the 8th 08 at 8 seconds past the minute.

I always used to love watching the Olympics; I remember when I was younger I wished that the Commonwealth Games could go on forever on the TV. I still love watching the Games. But it's fundamentally wrong to hold a goodwill competition in communist China, and because of the pollution it's also just a bad idea to hold an athletic competition in China too.

In addition, the Games haven't caused China to become more liberal. If anything, what with the recent arrests and "police escorting" of anyone who is disliked by the regime, the Games have caused further tightening up of the police state's control over the people.

Disgusting behaviour. It hurts me, but I'm not going to watch the Olympics this year. Doing so would violate my principles.

I'll hit an early hurdle tomorrow unfortunately, because all the TVs at work will be tuned to Seven. And Saturday afternoons get really quiet with not a lot to do.

I finished Guitar Hero yesterday on Medium; I bet I didn't even have a chance to mention to y'all that I bought it! I hate being able to finish games in a matter of days. Bully took me 30+ hours, I expect my games to take 20 hours or more. I think the next games I'll buy will be Twighlight Princess and Super Mario Galaxy as they seem to have some longevity to them.

Call me crazy, but I actually prefer the songs from Frets On Fire; there's much more opportunity to hammer-on and pull-off than there is in the Guitar Hero songs.

My computer is still running well overclocked, so I'll keep it that way until summer. The cold weather keeps temperatures under control.

I was to install a second DVD burner into my colleague's Linux computer, but MCG Technology actually ran out of burners. Crazy. They've got more coming in on Wednesday. I do like the idea of Lightscribe now that you can do it on Linux.

I've got the feeling that there was something else I wanted to mention, but I can't remember what it was. Love to you all, talk to you soon.

Chris.

I have sent a message to the ABC regarding their online downloads shop, that requires Windows and installs some third-party malware on your computer.

To Whom It May Concern,

I'm very, very disappointed. I heard about your online shop where viewers can buy downloads of ABC shows and it sounded like a good idea to me. But there are two problems that I've since discovered:

1. In order to download or preview videos, you need Microsoft Silverlight. Aside from the ongoing concerns about whether Silverlight violates patents overseas, let me point out that there is no Silverlight for Linux, and that is the platform that I and my friends use. In fact, Linux is the fastest-growing operating system around as it comes preinstalled on very popular computers such as the Asus EeePC.

So basically, the site is completely useless to me. And might I point out that the second biggest-growing operating system, Mac OS X, is also not supported. You're certainly annoying a lot of people.

2. When you have a Windows PC and can download the videos, those videos have Digital Restrictions Management embedded in them. This means that customers can't do ANYTHING with the videos except play them on their computers. They can't put them onto portable devices, they can't stream them to media-centre PCs, they can't burn them to DVD for playback offline.

From what I've read, too, users have to install extra software to view their videos, and this software leeches off the user's own internet connection to send the video to other people! Without warning! (oh, maybe in the fine-print of the EULA).  Malware uses its victims' internet connections to try and make money for its creators - this software of yours apparantly does the same thing. It's very poor behaviour of the national broadcaster.

In addition, you now have a dependence on third-party software that can be commanded to lock you and your customers out, for any reason that the third party cares to invent or use. Imagine angry customers who've bought TV shows off you, who can no longer watch them because you're having a minor disagreement with the software provider! That's a recipe for disaster, and I'm surprised you didn't think of this scenario! It has happened before, and not only with video clips; I can think of an example where it happened with medical records.

Privacy. Your customers now have a third-party program on their computers, where the workings of it are not open for viewing. It already acts as malware, leeching off the customer's internet connection; who's to say that it's not also acting as spyware? Does the ABC respect its viewers' right to privacy?

This is such a *terrible* move by the ABC; I'm disappointed that I can't personally buy my favourite shows without a 40km round trip to an ABC store, but I'm absolutely shocked that you've chosen this DRM-infested platform for distributing the video.

I have also forwarded this message to Senator Conroy, as his office could well be affected by the implications of the use of this software, and its exclusion of non-Windows users.

Yours sincerely,

Christopher Lees