A little corner of the Empire on the web.

22 April, 2003

Potential Poo

Q: How much potential poo am I in at the moment?
A: An awful lot!

19 April, 2003

Do I look like a construction industry recruitment specialist?

No?

Well stop sending me your CVs.

Further to my earlier email concerning the above, I attach my 
CV for your evaluation.
I have five years East Africa experience and several years 
experience with overseas water utilities. My experience has 
covered Zoning , Water meters, bye-laws , water legislation 
and related activities.
I am currently in Thailand on holiday.I can be reached 
through this email.

Regards,

or

Dear  Mr.Xxxxxx  Xxxxxxxx,
      I  write in response to your recent advertisement for "chief operating officer" in Tanzania.
      I would like to be considered for the employment and would welcome an early interview.
      I have attached my recent c.v. and look forward to an early and favorable reply.
      I wish to highlight my broad experience in Tanzania and Africa in general as seen in my c.v..
      Thankful and grateful for your kind cooperation and response,hoping you would kindly consider my c.v. for any other position would fit me in future.
      Thank you for your time.
      Kind  regards. 

(The above reproduced complete with all spelling and grammatical errors. "X"s inserted to protect the [mostly] innocent)

And quite a few more in the same vein.

After a little investigation found out that there is a company called Jared (nasty colour scheme, pointless Flash menu, massively invalid code). They publish some of their jobs on a site called "Careers in Construction", they even have their own special page, the problem is that page links to lots of pages full of jobs, many of which have the wrong contact details: remember "Jared" is only one letter different from "jard".

Well being the good netizen that I am, I've replied to each of the applicants letting them know about their mistakes, and sent a letter to one of the HR people asking them to update their contact details, but, given that this is the middle of a double bank holiday weekend (wahoo, four day weekend!) I'm expecting that I'll be receiving these until at least Wednesday.

Ho, hum, guess I'd better have ago at exercising Mozilla Mail's rules filters.

17 April, 2003

Thoughts on default and recommended security modes and what it reveals about the people expected to use the systems.

When you have a large network, with a large number of servers, and a number of network/server administrators there essentially two different ways to set up the supervisor/administrative rights and which route you go down reveals a lot about your overall philosophy.

Method 1: Restrict each person's network rights to exactly what they need for day-to-day work and precisely no more. If they do need to do anything else they can use a specific administrative account (or supervisor account, or superuser depending what world you inhabit) to carry out their business.

Method 2: Give all of your administrator's network accounts full administrative privileges to each resource that they might need (or even everything depending on the size of the network, and the person's role).

There are definite advantages and disadvantages to each approach.

Method one means that your admin's own network accounts only have limited rights, this means that they are a less worrying vector for viruses, they're less likely to cause catastrophic problems by accidentally clicking the wrong thing and you can control who needs the passwords for various resources.

The downside is that you can't control who knows the passwords, someone extra will always need it for some reason, or will notice it whilst it is used for some othert reason and you can only control it by regularly changing your admin passwords, and keeping a (secure) database of them all.

Method two means that you can audit who did what, every admin level action on the network will have an actual person's own ID against it, it means that work for admins is less of a hassle: less passwords, less logging in and out all over the place with 30 different passwords, less time spent performing quick and easy tasks.

The downside is that if any of your admins happen to become infected by a virus, or are simply having a bad day and making an awful lot of mistakes, then they can wreak havoc on an unparalleled scale.

From what I've seen experienced, method one is the method that pretty much every network admin training course reccomends, and most Linux/Unix networks actually carry out ("su" is your friend) whereas despite the official guidelines most Microsoft based shops tend to either be configured as method two (or a mixture of the two).

16 April, 2003

Wow, just had Mozilla crash on me. What a shock!

I'm running Mozilla 1.3 at the moment and this is the first time I can remember Mozilla crashing since I had a corrupt plugin install back when I was using Mozilla 1.1!

I'd completely forgotten about the feedback agent, so it was a real shock when that appeared.

Still I guess that's a fairly decent MTBF: two major milestone releases!

14 April, 2003

OK I've just spent the last few days converting jardBRAIN so that it can export an RSS feed. This involved rewriting and generalising some of the internals (which wasn't such a bad thing as I'd been meaning to do it myself for ages anyway, I just needed some external stimulus to give me a good reason, and a boot up the jacksie).

So all's going well, I settled on RSS version 2.0 in the end. Created a simple test template, looked everything up in the specs (RSS v2.0 spec) looked up things that aren't clear in the previous specs (even as far as going back to 1982's RFC822 to find the date/time format for various entries).

Unfortunately at the end of this I still have two questions about two ambiguous properties:

  1. What content type (MIME type) do I serve my file as?
  2. How do I use the GUID field?
Taking these one at a time:

After a bit of research on the 'net there are three content types in common use for RSS files; text/html, text/xml and application/rss+xml. Of those the first is obviously wrong, the second type fits in a general sense, and the third seems right (and is recommended and used by Mark Pilgrim). So I think that I'll go for application/rss+xml, but that's still not quite settled yet.

The second question is still a little unclear, at least for a bear of little brain like myself.

From the RSS v2.0 official specification:

guid stands for globally unique identifier. It's a string that uniquely identifies the item. When present, an aggregator may choose to use this string to determine if an item is new.…
If the guid element has an attribute named "isPermaLink" with a value of true, the reader may assume that it is a permalink to the item, that is, a url that can be opened in a Web browser, that points to the full item described by the element.

and:

A frequently asked question about guids is how do they compare to links. Aren't they the same thing? Yes, in some content systems, and no in others. In some systems, link is a permalink to a weblog item. However, in other systems, each item is a synopsis of a longer article, link points to the article, and guid is the permalink to the weblog entry. In all cases, it's recommended that you provide the guid, and if possible make it a permalink. This enables aggregators to not repeat items, even if there have been editing changes.

And from Userland's backend pages, Guids are not just for geeks anymore:

Aggregators and readers can use the guid in one or two ways:

1. To determine if an item is new or not, allowing the authors of weblogs to make minor editing changes without making all their readers figure out if a post is new or not.

2. If it's a permalink, make it easy for the reader to go directly to the item on the Web. This is cool for people who want to quickly include the link in their weblog.

The second feature is a nice convenience, the first, imho should be a feature of all aggregators, readers and content systems.

Ok, that's all well and good and I can see the reasoning behind it, people often take an existing entry, edit it to correct the spelling and then republish it to the same URL. My question is which way round does this work? Is the GUID there to always identify the one article through all of its changes, so that even if other things change, the GUID will stay the same (like my addeddate ID used in permalinks in jardBRAIN), or is it there to say that although this looks like the same article that was here ten minutes ago, its actually had the wording changed, and had some offensive phrase edited out, so the GUID changes (like my full recordid, or possibly something like an MD5 digest)?

Maybe I'm reading too much into all this, but I just can't get my head around this one.

04 April, 2003

What really annoys worries me about Windows XP are its silent failures.

I've been using XP Home edition on my personal laptop for about nine months, and I've been using XP Professional at work for four or five months. During this time it's had its little quirks, annoyances and, I'll even grant, it's moments of brilliance and overall I've learned to tolerate it as an operating system, maybe even learned to like it in some ways.

However the one thing that has really made me reserve judgement on it are the silent failures it seems to have at the quirkiest of moments.

What do I mean by silent failure?

I mean all those times that you try to do something, and nothing ever happens: there's no visible feedback, there's no error message, and most of all it just doesn't work.

As an example I regularly use two different applications as part of my job, to protect the (mostly) innocent we'll call them app A and app B. Now I really use these, push them hard and so I've discovered a couple of sure-fire ways to crash them both, this isn't a real show-stopper because both apps have more than one way to accomplish these particular tasks, so I can just avoid the problem and try it the other way.

The thing is that I discovered all of this running the apps on my Windows 2000 box. When app A crashes on my old Windows 2000 box its screen image freezes up, and then 5-30 seconds later up pops an error message, such as "App A: invalid aaaa to bbbb in cccc. [OK]", so I scan the frozen screen image to double-check the reference that I was working on, click [OK], restart the app and carry on working from that reference again. App B's crashes are similar, except it also writes something to the Windows error log as well as giving me an on-screen error message.

Under Windows XP the crashes are slightly different, I'll be happily working away in the app, then, without thinking, I'll click the button that I know will crash the app, and just as the ONM hits, the app just disappears from the screen. No frozen image left on-screen. No error message. No feedback whatsoever, its like it never existed. There are even a few tasks within Windows XP and Explorer itself that can trigger this behaviour (such as assigning groups in the ADS rights to folders and shares in the NTFS file system on a server through the local Windows Explorer) so its certainly not just a problem with 3rd party apps.

I'm sure when the Microsoft programmers demoed this to their managers that everyone starting giving out mutual back-pats and congratulations, "Look, no error messages, so no one can complain any more that Windows is riddled with bugs and freezes all the time!"

Unfortunately no one stepped back from the whole self-congratulatory circle w--- and thought, "Well maybe people will want some feedback when jobs fail? If only so they have a clue what to do/not do next time?"

It's a triumph of marketing over common-sense, and it really signposts some of the thinking behind a lot of Windows XP's interface and features.

If they don't absolutely need to know it, or it might make us look bad if they see it, then hide it from them at all costs.

02 April, 2003

Well, I've just spent £200 on a watch, what have you done today?

(But it's so cool, I can barely contain my excitement, and at least I didn't go fo the £499 version, even if that one is so cool I nearly wet myself looking at it)