Wizard's Whinings

Opera Mobile 9.7 beta

2009-06-22T08:59:00.002+02:00

Just a quick note on the Opera Mobile 9.7 beta I just installed on my phone yesterday:

It doesn't auto-zoom when in Mobile view.

It doesn't have the Wand to remember login credentials.

The progress bar is displayed too late, and only starts animating when the page has completely loaded.

It didn't auto-import my bookmarks from the existing Opera 9.5 install.

There's no longer a right-click > Open in new tab menu option.

..but it has Opera Turbo, which is really, really, really fast. Very promising. I hope the above list of issues will be fixed once it comes out of beta.

A sensible adblocking policy

2009-06-16T09:49:00.002+02:00

Lately, multiple websites have been playing the 'WAAH LOOK AT MY ADS OR I'LL GO BROKE' card again. This surfaces once ever so often, mostly by websites that provide free content and thus feel that you are required to view their advertisements in return. They further imply that if you block their ads, you're making them lose money (or even steal their content) because they get nothing in return.

What do I think of this? Well, I've been blocking ads since Atguard came out and switched between different policies, ranging from 'ads are evil and waste my bandwidth, I block EVERYTHING' to 'meh, as long as it's not SUPER-ANNOYING it can stay'. I know for sure that there are people who follow the first philosophy because things like the IE-SPYADS blocklist and the Winhelp2002 hosts file exist, which blackholes hundreds, if not thousands of webservers that serve advertisements. Apart from it being a bad idea to abuse the hosts file (or IE Restricted Zone) for this and exposing yourself to memory problems, it's a carpetbombing attack and probably overzealous. After all, the hosts file can only block a complete domain, and not just the /annoying_ads/ subfolder of the news website you read.

The other end of the adblocking spectrum seems rare, in my opinion. When I visit friends or family that browse without an adblocker, ads immediately jump out at me because I'm not really used to them anymore, but other people seem to be able to ignore them. And I have to say, you eventually start skipping and ignoring ads in magazines, probably because of some subconscious learning process.

The major browsers have - or are really close - a built-in adblocker that can be used by anyone who knows it's there. Opera has the Content Blocker. Firefox has Adblock Plus (ok, not built-in, but it's the most popular plugin). Internet Explorer 8 has Private Browsing mode which has a domain blacklist. Originally it wasn't even meant as an adblocker. Chrome has a developer version in beta that allows loading of userscripts, with the first plugin being... an ad blocker.

But if everyone used the adblocking functionality of their browser, ad clickthrough rates would plummet and bad stuff would happen. A 'good' clickthrough rate already seems to be 0.50% at this point, meaning that for every 1000 visitors, only 5 click on an ad. It's still higher than spam (0.000008%), but not much.

I propose that everyone follows an adblocking procedure that will not only keep advertisers in business, but also promote them to make more userfriendly ads like Google does (i.e. text-only ads). In essence, if an ad on a website is annoying or distracting, block its origin. So if you see an ad that shakes around and warns you that 'YOU HAVE 2 UNREAD MESSAGES', throw whatever domain it's served from onto your blacklist. This will make sure that whatever marketing company that thought up that horrible ad will notice that their ad is not working, and that whatever other horrible ads that are on that adserver will not reach you either.

Usually, for me this means that whenever I lose my adblocklist for whatever reason, I start over with a blank one. If the ad cannot be blocked because it's served from the same domain as the website I want to visit, I stop visiting it - unless it's important enough, in which case I only block the folder the ads are in. Periodically clearing your adblock list also gives advertisers a chance to clean up their act and serve normal ads (by which I mean static ads).

Welcome to Web 3.0

2009-04-07T11:11:00.002+02:00

Inspired by a friend's tour-de-force show of his blog that consolidated Twitter, Google Reader Shared Items, links to social networking websites and more, I've changed the layout of my blog a bit. GReader shared items are now at the top right, followed by a rudimentary Twitter app. If I find out how, I'll add more fun stuff.

Merijn.org down, relocated at CastleCops

2008-12-10T10:55:00.004+01:00

For those who are wondering why my website at Merijn.org is down: the legal owner of the domain (who is also the owner of SpywareInfo) is missing, and the domain expired. I am in the process of procuring the domain from GoDaddy as soon as it becomes available to me.

Meanwhile, a complete mirror is available at merijn.castlecops.com. A generous thanks to Paul Laudanski for this.

Update April 7th 2009: For those who still don't know it from everywhere else I've put up notices, my website is back online at www.merijn.nu and will stay there. The hosting and domain name are completely owned by me and I don't expect any problems like with merijn.org. Thanks to cnm once again for all the trouble I've caused him and his grandson.

How to fix Windows Update Error 0x8ddd0004

2008-11-15T15:58:00.005+01:00

I just spent about half a day fixing up a computer that had been struck with the AVG user32.dll false positive, where most of the time was taken up by figuring out why the hell WindowsUpdate wouldn't run. It kept stopping the scan, with the error message 'Error 0x8ddd0004' and some useless instructions for fixing it.

Here are some possible solutions, if you do all of these it is guaranteed to work. After each step close all browsers and open WindowsUpdate to see if it worked yet.

Make sure you have Administrator rights

Perhaps the simplest step of all. Go to Start > Control Panel > User Accounts and make sure the account you're currently logged in as is classified as 'Administrator'.

Update Flash

Since it's the easiest, try this first. I have no idea why, but this one worked for me. Head over to Adobe.com and click the 'Get Adobe Flash Player' link. If you don't use MSIE for this, make sure you close all browsers and all Flash-enabled programs before you run the manual installer.

While you're there, upgrade to the latest Shockwave Player too by clicking the 'Get Adobe Shockwave Player' link or banner. Again, close all browsers if you use the manual installer.

Re-register all WindowsUpdate DLLs

From Virtual Dr.:

Go to Start > Run and type each of the following, hit Enter, Enter again and repeat.
regsvr32 JSCRIPT.DLL
regsvr32 MSXML3.DLL
regsvr32 ATL.DLL
regsvr32 WUAPI.DLL
regsvr32 WUAUENG.DLL
regsvr32 WUAUENG1.DLL
regsvr32 WUCLTUI.DLL
regsvr32 WUPS.DLL
regsvr32 WUWEB.DLL

Manually reinstall the WindowsUpdate agent

To reinstall the WindowsUpdate files, run this installer from Microsoft:
http://download.windowsupdate.com/v6/windowsupdate/redist/standalone/WindowsUpdateAgent20-x86.exe (64-bit version here)

Let WindowsUpdate reinstall the ActiveX component

I put this one last, because I have a feeling it resets much more than just the WindowsUpdate ActiveX component. Use with care.
To do this, you first need to disable the two WindowsUpdate services. Go to Start > Run > services.msc. Select Automatic Updates and click the 'Stop' link. Select Background Intelligent Transfer service and click the 'Stop' link.
Now open Explorer and open the Windows directory. Find the folder 'SoftwareDistribution' and rename it to something like 'SoftwareDistribution_old'.
Go back to the Services window and start both services again.

Wii vs. Xbox360

2008-10-10T09:33:00.003+02:00

Four days ago I bought an Xbox 360 specifically for the insane discount it got in Europe (€200 for the Pro model, down from €270) and for Guitar Hero: World Tour and Rock Band 2. Since neither of those games are out yet, I resorted to Xbox Live Arcade games (downloadable games) and second-hand classics on eBay such as Halo 3 and Burnout Paradise.

Things that I really notice about the Xbox:

Demos and trials. For almost EVERY game, you can first download a demo/trial version to see if it's any good. The Burnout Paradise demo is extremely convincing, for example.

The 60GB hard drive. The Wii doesn't have one.

The headset. On a whim, I plugged it in during a game of Carcasonne and almost jumped out of the seat when my '..hello?' was quickly answered by a very British 'hay'.

Achievements are great fun!

The Xbox 360 crashed twice in two days. Not sure if this is a ventilation issue, there is no indication of why it crashes after rebooting. For comparison, my Wii has crashed twice, in two years (not counting the proof-of-concept Opera/Youtube/Flash exploit I tried once). This is not good.

Firefox can actually cure world hunger, make world peace and find life in outer space

2008-09-05T12:31:00.001+02:00

...but you'll need an extension to do it.

Jumping on the bandwagon: Google Chrome

2008-09-03T17:16:00.013+02:00

Today, Google decided to release their own browser Google Chrome, which is accompanied by a cute, very detailed and pretty technical comic book (!). While taking it for a spin I noticed a lot of blogs talking about it (Ars Technica, Tweakers.net, Slashdot, Sunbelt, F-Secure, GeeksToGo), so here are my two cents. This post will be updated while I try this thing out.

Pro:

The user interface is very minimal and still very good. You can do most of your web browsing with Google Chrome despite it not even having a menu bar. The address bar ('Omnibar'? Whatever) works very good, for both searching and typing. The new tab starting page is very much like Opera's Speed Dial, but picks pages to display there automatically.

It uses the Webkit rendering engine, which is the basis for Safari and very fast. However, Webkit recently switched to using the SquirrelFish javascript VM, improving their Javascript performance 1.6 times. Google chose to pick a different Javascript VM called V8 which is even faster! GMail is INSANELY fast in this Chrome browser (and I'm used to Opera, which is already very fast).

It uses (parts of) Mozilla Firefox, and probably also the anti-malware and anti-phishing protection Google built in conjunction with Mozilla.

It uses separate processes for each tab, and also for each plugin. This makes it easy to identify which tab/plugin is a memory hog (see the next bullet), and also to recover from a tab crashing since it doesn't take down the entire browser (something that was also added to the IE8 beta 2 released August 28).

It has a little Task Manager that shows memory and CPU information about each tag, while about:memory shows a detailed view.

Con:

I just accidentally dragged a tab and it changed into a new window with that tab. It's not really clear how to put it back into the original window. Some fidgeting shows that you have to drag the single tab itself back to the original window.

No plugins, very bare-bones. I miss my keyboard shortcuts, mouse gestures and ad-blocking.

Since it's based on the Webkit rendering engine, it's vulnerable to the same exploits. The carpet-bombing exploit (that has already been fixed in recent Webkit versions) is present in Google Chrome. There's also a ridiculously simple bug that crashes all tabs (yes, you heard that right) when you navigate to a URL with an undefined handler and a percent (%) sign in it.

While it's based on a recent Webkit version, it scores very poorly on the ACID3 test - only 55%.

Overall: The Google Chrome browser is very, very good. Google is the perfect company to create a browser, and they have thought about this a lot during development.

Speed Racer (2008)

2008-08-31T16:12:00.002+02:00

Speed Racer (2008) was a fun movie, but there is no excuse - repeat NO EXCUSE - in this entire universe filled with the most crazy shit you can imagine, to have a trained monkey in a movie that was created in the year 2008. It was the most annoying, stupid, childish and unfunny character I have ever seen in a movie. Even Chimp Chimp managed to be more entertaining than that stupid, retarded, fat ape-like creature in the movie that was called Squirtle or Spittle or Spermle or whatever his name was. Every time he was on the fucking screen I wanted to reach out and strangle his chubby little neck, to break his skull, to stuff his mouth with rat poison and shove the monkey up his ass. That shit was probably barely mildly funny when it was originally done in 1967, 40 FUCKING YEARS AGO, but GOD. Wachowski Brothers EPIC FAIL.

PETA attempts to out-stupid Jessica Simpson

2008-06-17T17:54:00.003+02:00

Yesterday, Jessica Simpson was photographed wearing a shirt that says 'real girls eat meat'. Now this might have been an ironic T-shirt, but I'm sure Jessica doesn't know what that means so it's most likely not.

Today, PETA responded by posting 5 Reasons Why Only Stupid Girls Brag About Eating Meat (capitalization theirs) on their blog. The list is arguably even stupider than Jessica Simpson is rumoured to be. Here are the five 'reasons', with explanations why they are wrong.

1. Meat increases the risk of breast cancer.
The article mentioned was indeed published in the British Journal of Cancer in 2007 by Taylor, Burley et al. and finds a association between eating meat and the risk of breast cancer in pre- and post-menopausal women. However, sources indicate that the effect was not significant and inconclusive.

2. Real girls don't support animal abuse.
Celebrities (obviously) do not represent the world population, so if 'huge numbers of celebtrities are ditching meat' that does not mean everyone is. The latest numbers indicate 6.7% of Americans were vegetarian in 2006. In India, over 57% of the population is vegetarian.

3. The meat industry is destroying the Earth.
The quote used here is in The Times, from the Prince of Wales and is from 2005. In the exact same article, the Prince is criticized as being hypocritical since he spends large amounts of money but speaks out for less spending. His comments are in no way connected to animal cruelty or vegetarianism. He also has a ranch with 100 chickens.

4. Meat will make you fat.
I guess I'll just eat the fries then whenever I'm at McDonalds? This is rubbish, anything taken in excess will make you fat. Including a vegetarian diet.

5. Eating meat steals food from starving kids.
So it's OK for starving kids to eat meat?

Basically, PETA blasted Jessica Simpsons for being seen wearing a T-shirt advocating meat consumption, without: asking if she agrees with it, asking if it was a joke, asking if she was not a vegetarian, asking if she wanted their advice, or even asking, I don't know, if she even eats meat that much. If this isn't the stupidest form of hypocrisy then I don't know what.

Jack Thompson tells on Take Two, emails his mom

2008-05-05T11:35:00.011+02:00

In the most hilarious move of anti-videogame-crusader attorney Jack Thompson yet, he responded to the GTA IV 'murder simulator' by sending an email to Take Two chairman Strauss Zelnick's mom. The email is filled with the usual falsehoods and draconian exaggerations. Following is the email itself as well as the actual facts.

Dear Mrs. Zelnick:
Your son, as you may know (or maybe you don’t know), is Chairman of Take-Two Interactive Software, Inc., whose most popular video games are the Grand Theft Auto murder simulator games banned in some countries but sold to children here.

Currently, GTA 3 and GTA: San Andreas are banned in Australia because of the Hot Coffee drama.
GTA IV is banned in the United Arab Emirates.
GTA 3, GTA: San Andreas and GTA IV all are rated M for Mature, meaning it is illegal to sell it to people under the age of 17. Note that children are generally younger than 17.

Your son last week was reported to have said the following about Grand Theft Auto IV, due to be released Tuesday, April 29:
"We’ve already received numerous [GTA IV] reviews, and to a one, they are perfect scores. My mom couldn’t write better reviews…"
Taking your son’s thought, I would encourage you either to play this game or have an adroit video gamer play it for you. Some of the latter gamers are on death row, so try to find one out in the civilian population who hasn’t killed someone yet.

Devin Moore, who was sentenced to death for killing three police officers while trying to escape custody, claimed to be influenced by GTA: Vice City. The Inquirer claims he made this up. His victim's families seem more concerned with suing Take-Two, Rock Star, Wal-Mart and Gamestop than with mourning.
Note that this is the only known case of a criminal on death row who ever blamed GTA.

What you will see in your son’s game, if this iteration of GTA is anything like its predecessors, ..

Jack Thompson apparently hasn't even seen the game.

..is incredible interactive violence aimed at police officers (whom you can shoot in the head and see the blood spray), innocent bystanders (whom you can run over with your car just for the heck of it), and of course the plentiful female prostitutes you can have sex with and then filet with a knife or stomp with your feet in order to get your money back. Experts note that the recent plethora of cop killings is caused in part by your darling son’s entrepreneurial energy. There are three policemen dead in Alabama because of Grand Theft Auto. I was on 60 Minutes about it. I hope Strauss has provided you with a flat screen tv to see the grief of the bereaved families that fills the screen.

Literature that supports the theory that violent video games leads to violent behaviour is flimsy at best. The most recent study even shows that playing violent videogames relaxes you.

Also note that GTA IV has no option to 'stomp prostitutes with your feet'.

The pornography and violence that your son trafficks in is the kind of stuff that most mothers would be ashamed to see their son putting into the hands of other mothers’ children, but, hey, your son Strauss has recently assured the world that he is "a Boy Scout, everybody knows that." I’d love to see the merit badges that Scout Troop handed out. Is there a Ted Bundy merit badge? If so, your loving son deserves one now. It should be red and green, for obvious reasons.

The 'pornography' refers to the Hot Coffee mod again, which ironically was originally only some suggestive fully-clothed grinding but modified by a gamer (!) to remove clothes on the participants. This content has been removed from GTA: San Andreas in 2005 allowing the game to keep its M rating.

The quote from Zelnick is from the Breakout Performance financial blog where it is a response to accussations that Zelnick received an high yearly bonus on his employment contract.

With Passover having just come and gone, it is appropriate to note the following from the Old Testament, Proverbs 22:6:
"Train up a child in the way he should go: and when he is old, he will not depart from it."
Mrs. Zelnick, did you train up your son, Strauss, to make millions of dollars by pushing Mature-rated video games to children? Any kid can go right to little Strauss’ corporate web site and buy GTA IV with no age verification. Strauss is even marketing the new Grand Theft Auto IV on World Wrestling Entertainment tv shows seen by millions of kids. If you trained up Strauss to do this, then shame on you.

Again, selling Mature-rated games to children is illegal. While the Take-Two website requires entering your date of birth, anything can be entered as long as the age is over 17.

The Take-Two website doesn't actually sell the game online, it only redirects to the online stores that sell it, such as Amazon. Since online stores generally use websites, it would be impossible to buy GTA IV without a credit card, which children rarely have.

The commercials for GTA IV are all suitable for minors (no adult content) and clearly mention the M for Mature rating. Note that WWE matches are usually wall-to-wall violence, unlike GTA IV.

But maybe the explanation for your son’s corporate sociopathy is to be found in Old Testament Proverb 29:15:
"The rod and reproof give wisdom: but a child left to himself bringeth his mother to shame."
Maybe you, Mrs. Zelnick, were so taken by your handsome son that you spared the rod and spoiled the child. That would explain why he has brought you, by the way he presently acts, "to shame."
There’s another mother you would do well to talk to. Mrs. Crump in Alabama had a son who was a police officer. He’s now dead because a teenaged boy unwittingly trained himself to kill him on Grand Theft Auto: Vice City. She has a grief she carries every day that only a mother can know. There are other such mothers in the heartland of America whose inhabitants your son simply sees as commercial targets.

The $600 million 'GTA killer' court case by Mrs. Crump and others has been dismissed by court in 2006. Note that while Jack Thompson was the practicing attorney for this lawsuit, he withdrew from the suit long before its dismissal.

As mentioned before, playing a violent videogame has not been proven to induce violent behaviour. Also, clicking a mouse button for several hours hardly trains a gamer to break into a car, hotwire it, disarm a police officer and fire a handgun.

Note that Devin Moore was 16 years old at the time of the shootings and thus was either illegaly sold GTA by a shopkeeper, or bought the game by his parents. Either possibility would place the blame elsewhere than at Devin Moore himself.

Your son, this very moment, is doing everything he possibly can to sell as many copies of GTA IV to teen boys in the United States, a country in which your son claims you raised him to be "a Boy Scout." More like the Hitler Youth, I would say.
Happy Mother’s day, Mrs. Zelnick, which this year is May 11, two weeks after your son unleashes porn and violence upon other mothers’ boys. I’m sure you’re very proud.

Sincerely, Jack Thompson"

Note the lack of 'attorney at law', since Jack Thompson's license to practice law was revoked in 2005.

I can't even begin to comprehend why Jack Thompson suddenly places the blame for the murder of three police officers squarely in the lap of a retired mother of a very successful businessman, as well as liking her to Adolf Hitler.

ACID, ACID2 and ACID3 test results for all popular browsers by date

2008-03-24T13:08:00.033+01:00

Since the ACID3 test was released by the Web Standards Project on March 3, lots of companies have scrambled to update their browsers to perform better on the test. No one browser has passed the test since it was released, though there seems to be a neck-to-neck race between Safari, Firefox and Opera. All three are putting out new betas (in different paces) that score better and better.

Since this seems so much like a race, I felt like putting up an overview. I tested all three ACID tests on current and older versions of Netscape, Internet Explorer, Firefox, Opera and Safari (for Windows) and determined as accurate as possible when each browser passed each test for the first time. I will update the ACID3 test results when they become available.

Some data taken from Anomalous Anomaly.

ACID1 test:

Notes:

I couldn't find when Safari first passed the ACID1 test. Windows builds only started at version 3.0, and I don't have a Mac.
It's possible Internet Explorer passed the test with an earlier 6.0 build, but it's both very hard to find them and very hard to get them running without messing up your system.

ACID2 test:

Notes:

Netscape never passed the ACID2 test before it was discontinued. Its final result looks like this. If that looks a lot like what the latest stable Firefox renders, remember that Netscape switched to the latest (stable) Gecko engine, also used by Firefox, before putting out the last build.
Safari and Opera passed this test first, and it took Firefox and Internet Explorer so long to accomplish this feat, that only their recent betas pass it now. How embarrassing.

ACID3 test:

Notes:

The red line marks the releae of the ACID3 test. To see a big picture that goes back all the way to 1997, see here. It has several peaks where browsers performed worse with new versions, and I have no idea why.
Almost every browser picked up on the ACID3 test and updated their browsers. Only Internet Explorer didn't, and that's probably only because they just put out the first beta of IE 8 three days after ACID3 was released, along with several proud posts that it passed ACID2.
The switch to the latest Gecko rendering engine by Netscape can be seen very nicely here, as the Netscape line merges into the Firefox line with the last Netscape version.
Not pictured: the Firefox score drop from 59% to 52% since they released 3.0 beta 1 (on a newer rendering engine) earlier than 2.0.0.12 (with the old rendering engine).
Opera is making a GIANT leap several weeks before ACID3 was released, which shows that they were putting a lot of effort into being compliant even before the test was released.
Safari is putting a lot of effort into passing the ACID3 test right now. Each Webkit nightly is scoring better.

TODO: maybe I'll add the CSS3 selector test later on.

UPDATES:

March 26: New Firefox 2.0.0.13 scores no better on ACID3. Webkit nightly r31306 goes from 95% to 96%.

March 26 again: THE RACE HAS BEEN WON! Both the latest Webkit nightly and the current internal Opera build now pass 100% of the ACID3 test! Congratulations to both teams. Opera wins for having a 100% score just hours before Webkit did. Webkit takes the medal for having the first publicly available build that passes ACID3 - Opera promises the public build later this week.

March 27: It seems Opera is generally credited with the first Acid3 100% pass, and that Safari's Webkit cheated by implementing only the part of the SMIL protocol that was required to pass the relevant test.

March 28: Opera made their internal WinGogi build available (the one that scores 100% on Acid3) and I added it to the graph. It's the peak on 26 March, obviously. Most of the Acid3 changes will not be in the Kestrel engine scheduled for Opera 9.5, which explains why the latest 9.5 alpha build scores just 79%.

April 2nd: Firefox 3.0 beta 5 scores 71% over the 68% of beta 4.

April 17th: Firefox 2.0.0.0.14 scores 53% over the 52% of 2.0.0.13. It seems clear they are focusing more on Firefox 3 for standards compliance now.

April 18th: Safari 3.1.1 scores 74% as opposed to the last 3.1 version. The latest Opera weekly build scores 79% like its predecessors. I've updated the Acid3 graph to show the results the latest version of each browser gives, even if this is a stable version and a better scoring beta was released earlier. If I have some time left later I'll split the lines into stable and beta.

April 25th: Opera 9.5 beta 2 scores 79% like its predecessors.

May 17th: Mozilla Firefox 3 Release Candidate 1 scores no higher than the betas: 71%.

June 5th: Mozilla Firefox 3 Release Candidate 2 still only at 71%. It doesn't seem like FireFox 3 will score any higher than this.

June 10th: Opera 9.5 RC scores 83%. Their latest weekly builds have been slowly creeping up on the Acid3 test.

June 12th: Opera 9.5 was released today and it scores 83% on Acid3.

June 20th: Safari 3.1.2 scores 75% over the previous version's 74%.

July 31st: The Firefox 3.1 alpha Shiretoko scores a surprising 83%, bringing it on par with Opera.

September 6th: Added Google Chrome to the list. It seems to update discretely, I got only 55% on the first version but reinstalling today yielded 77% (or sometimes 79%) and the build number had changed from 1583 to 1798. The Safari 4.0 beta from June 10th scores 100%!

September 8th: Mozilla Firefox 3.1 alpha 2 and Opera 9.60 beta 1 RC were both released on September 5th and both score 85%!

October 8th: While Google Chrome is still on 79%, the latest Chromium nightly builds have updated the Webkit engine version on October 1st, and it's scoring 100% on ACID3 since build 2778! There's only one timing issue (test 26) and the image doesn't look like the reference pic completely - big red cross in top-right corner and 'linktest failed' below the score). Chromium is already at build 3001 at the time of writing, so expect the official Google Chrome builds to duplicate this soon.

October 15th: Mozilla Firefox 3.1 beta 1 is out and scores 89%, finally passing Opera for the first time since March.

December 4th: Opera 10 alpha 1 was released today and it scores 100%, as expected. It's also MUCH quicker than the WinGogi build they put out sometime ago.

December 8th: Mozilla Firefox 3.1 beta 2 scores 93%.

How to use the Wii Guitar Hero III guitar on Guitar Hero III for the PC

2008-03-02T15:46:00.016+01:00

Right! I'm going to explain to you how to get the Les Paul from Guitar Hero III: Legends of Rock for the Nintendo Wii to work with Guitar Hero III: Legends of Rock for the PC. I took a lot of this from the Wiihacks post on using your Wiimote as a mouse in Windows so if something isn't clear enough, go read that first.

*UPDATE* March 6: the GlovePIE script is now DONE. I just added the correct keybinding to the + key (Backspace instead of Escape) and changed the whammy code to use the mouse for whammying. It's not as smooth as I'd like, but it's the best you can get.
*UPDATE* March 5: updated the script to be three times shorter, and added support for Star Power activation by tilting the guitar. The Wiimote will also rumble for a second when you do this, somewhat like it does in GH3 for the Wii. Yay!

Why?

Because GH3 for the PC has better graphics and STEREO SOUND, and I wanted to see if it could be done. These guys got most of it working and I've had some tips from them. You've all seen the videos of people using the Wiimote as a mouse, and some of you probably have seen some of Johnny Chung Lee's videos where he uses the Wiimote as cheap implementations of head tracking solutions and multi-touch whiteboard screens.
I got the whole thing working in about an hour, on Windows XP. The GlovePIE script (which is completely my own) took about three days work off and on.

What do I need?

You're going to need the following things:

A Nintendo Wii controller and a Wii Les Paul guitar controller, obviously.

Guitar Hero III: Legends of Rock for the PC

A bluetooth adapter or USB dongle - If your computer doesn't already have one (look in the Device Manager to check this), you can get a cheap one that plugs into your USB port from eBay. I got one for $1 and it works fine.

BlueTooth drivers - If your computer doesn't have them already (Windows Vista should) and the above bluetooth adapter/dongle didn't have a driver CD included, get the free BlueSoleil drivers.

GlovePIE 0.30 or newer - this interprets the signals from the Wiimote and can map them to key presses. Version 0.30 added support for the Wii guitar.

A bit of persistence to get the GlovePIE script to work right :-)

Connect the Wiimote to your PC via Bluetooth

This should be the easiest part. Plug the Bluetooth dongle in if you have one, then install the BlueSoleil drivers. The Microsoft Bluetooth stack will NOT work, unless have a Bluetooth device that is in the list of compatible devices on the WiiBrew wiki.

Once the Bluetooth part is setup, put the Wiimote in discovery mode by pressing 1+2, then let your Bluetooth device on the PC discover it. It should find something like Nintendo RVL-CNT-01, which offers a Human Interface Device (HDI) service. If the Wiimote LEDs stop flashing, press them again until your PC finds the Wiimote and the service. When that's done, connect to the HID service.

Setup GlovePIE to use the Wiimote

Now that the Wiimote is connected to your PC, open up GlovePIE. Go to File > Open and open the script called TestWiimote.PIE in the OldScripts folder. Now click RUN and wave around your Wiimote. There should be numbers changing in the debug window in response to your waving. If they don't change, either your Wiimote is not connected properly, or your Bluetooth stack is incompatible with the Wiimote.

If you got GlovePIE working, you can try this mouse script from the Wii Hacks blog and fiddle around with it. Tilting your Wiimote should control the mouse cursor, and it should make the Wiimote vibrate when you hit the screen. A and B control the mouse buttons.

Setup GlovePIE to use the Wii guitar controller

Now for the hard part. You'll need a custom script to interpret the signals from the Wii guitar and map them to keys on your keyboard. The script I wrote to do this is below, you can copy and paste it into GlovePIE (don't forget to save it) and change it to your liking.

Key.Ctrl = False
Key.LeftShift = False
Key.LeftAlt = False
Key.RightAlt = False

debug = 'whammy=' + wiimote.Guitar.WhammyBar + ', pitch=' + RemoveUnits(Wiimote.Pitch)

//change these to your liking (use debug info)
var.whammythreshold = 0.55
var.starpowerangle = 50

//bind frets to V-C-X-Z etc
Keyboard.V = Wiimote.Guitar.Fret1
Keyboard.C = Wiimote.Guitar.Fret2
Keyboard.X = Wiimote.Guitar.Fret3
Keyboard.Z = Wiimote.Guitar.Fret4
Keyboard.A = Wiimote.Guitar.Fret5
//make the 4 wiimote leds light up with the first 4 frets
Wiimote.Led1 = Wiimote.Guitar.Fret1
Wiimote.Led2 = Wiimote.Guitar.Fret2
Wiimote.Led3 = Wiimote.Guitar.Fret3
Wiimote.Led4 = Wiimote.Guitar.Fret4
//other mappings
Keyboard.Space = Wiimote.Guitar.Minus
Keyboard.W = Wiimote.Guitar.StrumDown
Keyboard.E = Wiimote.Guitar.StrumUp
Keyboard.Backspace = Wiimote.Guitar.Plus

//make whammy when whammy is pushed
If Wiimote.Guitar.WhammyBar > var.whammythreshold
   Mouse.x = Wiimote.Guitar.WhammyBar
EndIf
//push star power button when guitar is tilted
If RemoveUnits(Wiimote.Pitch) > var.starpowerangle
   Key.Space = True
   Wiimote.Rumble = True
   Wait 1000 ms
   Key.Space = False
   Wiimote.Rumble = False
EndIf

A few things to note on this script:

It maps most of the Wii guitar controls to the default mappings of GH3 for the PC. E.g. the frets G-R-Y-B-O are mapped to V, C, X, Z and A. Look around in the script, it's really easy to do.

To configure the whammy, run the script and look at the debug value for the whammy bar. My guitar gave a value of 0.55 for the whammy bar in rest, so you'll only want GlovePIE to send it to GH3 when a value greater than 0.55 is registered (or it'll be constantly whammying). Change the line 'var.whammythreshold = ...' so that it has the value there that your whammy bar sends while in rest.

If you tilt the guitar higher than 50 degrees, Star Power is activated. If you like it better when it's at 30 degrees, or 90 degrees, change the var.starpowerangle value. Use the debug value to find your best angle.

Whichever mappings you use in the script doesn't really matter, as long as you configure GH3 for the PC to use the same mappings. So if you have the script setup to send 'Q' when you press the orange fret, setup GH3 for PC so that the 'Q' presses the orange fret.

Other stuff you can do

Besides accomplishing this great feat, you can:

Plug your bigass flatscreen into the PC, set it as the primary screen and rock out in an even higher resolution!

Add new songs to GH3! This is possible in the PC version only (at least with minimal effort). See this thread on the ScoreHero forums. I've already added a few songs, and it turns out to work best when you have FretsOnFire songs to be imported - those already have separate channels for song/rhythm/guitar sounds, though it is also possible with normal mp3 files.

That's it!

Using this setup, I got my Wii guitar working great with GH3 for the PC. You might not be able to get the same scores since the Bluetooth connection sometimes seems to drop things or lag a bit, but it's great for getting that extra graphics quality boost that you won't get on the Wii. :-) Have fun!

MSIE is extremely dumb

2008-02-11T20:57:00.000+01:00

While finishing up my personal homepage at www.merijnbellekom.nl with a fancy resumé, I noticed that, of all browsers, Microsoft Internet Explorer doesn't understand a self-closing Javascript tag!

HOW

HARD

CAN IT BE

Workaround: don't use self-closing script tags. Sigh.

Grand Theft Auto can be your reality too

2007-07-04T11:27:00.001+02:00

Wow, I just know Jack Thompson would have had a lawyergasm over this: Man thinks he's living inside Grand Theft Auto.

A young man was admitted from prison to a psychiatric facility after reports that he had been acting in a bizarre manner. He had been arrested for stealing motor vehicles and assaults with weapons. At interview he was found to be experiencing the delusion that he was a player inside a computer game (adult-certificate game, widely available) in which points are scored for stealing cars, killing assailants and avoiding police vehicles. Psychotic symptoms had emerged slowly over two years.

Even though Jack Thompson is no longer allowed to practice law, you just know people will scream bloody murder over this and claiming that it proves the link between violent video games and violent behaviour.
Even though the aforementioned young man has been diagnosed with paranoid schizophrenia.

Paris Hilton in jail roundup

2007-06-10T12:47:00.000+02:00

Since every damn celebrity website has been posting about this non-stop, and even FOX and CNN have bene broadcasting several hours of this stuff, I'd figure I'd jump on the bandwagon and post about the topic you all seem to love (but mostly hate):

Paris Hilton going to jail.

The following is a timeline of what happened during this whole ordeal. I'll try to be as complete and impartial as possible.

September 7th, 2006: Paris Hilton is arrested by the LAPD for DUI. The breath test showed 0.08 alcohol percentage, which is the minimum DUI level in California.

January 22th, 2007: Paris Hilton is sentenced to a 36 month probation for reckless driving. She loses her driving license and has to attend alcohol education, and pay fines totaling $1,450.

March, 2007: Paris Hilton's driving license is reinstated after a five-month ban. NOTE: this news is doubtful.

February 28th, 2007: Paris Hilton is arrested for misdemeanor driving with a suspended license, violating her probation. She was driving without her headlights on at night.

May 4th, 2007: Paris is sentenced to 45 days in county jail. She claimed to be unaware if her license was suspended, even though papers stating this were present in her car when she was arrested.

May 8th, 2007: It's probable the sentence will be reduced to 23 days for good behaviour, and possible it will be reduced even further due to cell shortage.

May 9th, 2007: Paris Hilton is spotted driving, four days after being sentenced to 45 days in jail for violating a driving ban.

May 10th, 2007: Two petitions appear, Free Paris Hilton and Jail Paris Hilton. 19,881 people have signed the petion to free Paris Hilton, 40,134 people signed the one to jail her.
At time of writing this (june 10th), the number are 31,966 signatures to free Paris, 89,962 signatures to jail her. None of the signatures on the 'Free Paris Hilton' petition list a name or comment, whereas almost all signatures on the 'Jail Paris Hilton' do.

May 17th, 2007: Paris will serve her time in jail in a 'special needs housing unit' reserved for high-profile inmates. She will be allowed outside one hour daily.

May 22nd, 2007: Paris Hilton is spotted carrying around a Bible.

June 1st, 2007: Three days before her sentence will begin, it becomes known that Paris has ordered a make-up team to meet her next monday to make her look her best when she checks into jail.

June 3rd, 2007: At the MTV movie awards, comedienne Sarah Silverman openly mocks Paris Hilton, saying 'the prison guards will replace the bars with penises to make her feel more comfortable'. Paris wasn't amused.

June 4th, 2007: Paris Hilton checks into L.A. county jail 'Twin Towers' to start sitting out her 45-day sentence. She is quoted as saying 'This is an important point in my life and I need to take responsibility for my actions. [..] Although I am scared, I am ready to begin my jail sentence'.

June 7th, 2007: After 72 hours, Paris Hilton is released from jail due to 'medical reasons'. She has been fitted with an ankle bracelet and will serve the remaining 40 days in house arrest, according to Los Angeles County Sheriff's Dept. spokesperson Steve Whitmore.
Later that day, law enforcement sources state that the 'medical condition' is purely psychological and that Paris Hilton was on a verge of a nervous breakdown. Sheriff Lee Baca gave the final approval for springing Paris out of jail.
It's rumoured that a van with party supplies was sighted at the Hilton mansion just after Paris got home. [source needed]

June 8th, 2007: Judge Michael Sauer orders Paris Hilton back to jail after it became apparent that Sheriff Lee Baca did not even have the authority to release her from jail. The judge even specifically ruled that Paris was not allowed any work release, furloughs, use of an alternative jail or electronic monitoring in lieu of jail.
Paris was initially not present during the ruling, and wanted to attend by phone, but was picked up by the LAPD in handcuffs after this was ordered by judge Michael Sauer.
Paris Hilton was in hysterics after the ruling, shouting 'It's not right!' and literally crying for her mother who was present during the court.
Lastly, a dubious source reported that Paris was initially released from prison because she had a stress-induced herpes outbreak that had 'spread to her anus and had taken on abcess-like features that required more serious medical attention'.

Finally, because it is easily the most awesome thing that came out of this whole ordeal, here is the picture that was snapped after Paris was handcuffed, being excorted back to the courtroom where she heard she had to go back to jail.

And now, I FINALLY hope to hear nothing more from this parisite for the next three weeks. For crying out loud, these last few days she's had more publicity on high-profile news stations than the September 11th attacks did in 2001.

---

UPDATE: June 10th, 2007: Paris didn't eat or drink in the past three days, afraid of going to the bathroom - a prison guard may take pictures/videos and put them on the internet.

LAST UPDATE: June 26th, 2007: Paris was released from prison and has shown what was most likely her first genuine smile ever:

StarForce and Trackmania Nations

2007-06-02T17:25:00.000+02:00

If you play Trackmania Nations, this may be relevant to you. If not, you probably won't care.

Trackmania Nations ESCW is a free racing game that is part of games of the yearly Electronic Sports World Cup (ESCW). It's lots of fun to play on the online servers, and it's free. If you have ever played Stunts, you will love Trackmania.

Trackmania Nations installs the very controversial StarForce copy protection system. The popular BoingBoing blog has had a lot of articles about this thing, and rightfully so. The above Wikipedia article as well as this BoingBoing article mentions that the Starforce copy protection software degraded IDE transfer speeds to the point where it physically breaks CD/DVD drives.

Why am I telling you all this? Well, because today I wanted to play some Trackmania and there was an update available. Specifically, an update that upgraded Trackmania from version 1.7.8 to 1.7.9. After I installed it, when I wanted to re-benchmark my system to configure the graphics settings, I saw this pop up:

Some Googling showed that this was, in fact, the Starforce protection system. While I was aware that older versions of Trackmania Nations had the Starforce protection software bundled but only actually installed it when it was already on your system, this update makes the Starforce drivers MANDATORY. It installs them without asking or informing you, silently. Things like this REALLY tick me off.
A bit of uninstalling/reinstalling showed me that all updates for Trackmania Nations trigger or require the Starforce install. Only the original version (1.7.5) does not come with Starforce, and attempting to play online with this version will get you disconnected from the server with a message telling you to upgrade.

Recap:

Trackmania Nations is a free game
Trackmania Nations has copy protection software installed called Starforce
Starforce installs itself at ring 0 in the Windows architecture, the same level used by antivirus software, firewalls and several other copy-protection systems.
Up to Trackmania Nations 1.7.6, Starforce was bundled with the installer but not actually installed. Unless you already had it on your system.
Starting with Trackmania 1.7.9, Starforce is always installed.
Starforce is not mentioned in the Trackmania Nations EULA
Starforce is not mentioned in the installer
Starforce installation is not visible
Starforce cannot be uninstalled from the Add/Remove Software applet
Starforce can physically break CD/DVD drives
The people who work for Starforce are abusive assholes [1] [2]

How do you know if you have Starforce on your system? Easy. Go to Start > Settings > Control Panel > System > Hardware > Device Manager. In the Device Manager, select View > Show hidden devices from the menu. Scroll down to Non-Plug and Play devices and look for the three Starforce items.

A Starforce uninstaller can be found here:
http://www.onlinesecurity-on.com/protect.phtml?c=55

Why does a free game even have copy-protection software bundled? There are a few other versions of Trackmania that are not free (the original, 'Sunrise', and 'United') so I understand if that needs some kind of copy protection. But the free version? Well, it seems this is to prevent people from cheating at the ESCW tournaments. Which obviously take place in controlled environments where candidates are immediately disqualified for cheating. Huh?
This is all very disappointing. I have had a lot of fun with Trackmania, but I have now uninstalled and deleted it because of this Starforce mess. It was fun while it lasted.

UPDATE: July 2nd - It seems the StarForce drivers were removed from Trackmania: United. This makes me very happy.

Best programming language ever: LOLcode

2007-05-29T19:20:00.000+02:00

An exciting new programming language has become available:
lolcode.com.

It is obvious from the examples that this is the best language ever:

HAI
CAN HAS STDIO?
I HAS A VAR
IM IN YR LOOP
UP VAR!!1
VISIBLE VAR
IZ VAR BIGGER THAN 10? KTHXBYE
IM OUTTA YR LOOP
KTHXBYE

I'd love to use this at work but I'd probably be fired for rolling out of my chair every five minutes, laughing at my own code.

How to be a pirate

2007-05-18T11:58:00.000+02:00

Today BoingBoing linked me to an excellent post on a topic that must be of interest to nearly everyone:

The Essential Guide to Piracy.

Yarrrrr.

Creationists are really, really, really fucking stupid

2007-04-01T10:53:00.000+02:00

Ladies and gentlemen, I present to you:

The most retarded creationist argument against evolution ever!

Note: this is not an April Fools' joke. It was published March 30, 2007.

Wench, fetch me my cape!

2007-03-29T18:24:00.000+02:00

It takes style to ridicule bloggers like Randall Munroe did about a week ago on his XKCD comic.

It takes even more guts to take him up on his ridicule.

Well played, Cory Doctorow.

Converted Blag to GBlag

2007-02-25T16:04:00.000+01:00

I just caved and converted my Blogger blog to the new Google format/layout/whatever, and as a result, was forced removed the 'valid xhtml 1.0' banner since the website isn't even REMOTELY valid anymore. Thanks a lot, Google.

[edit]
After some testing with the W3C Validator and different doctype declarations, I found that the ~800 validation errors are nearly ALL caused by Blogger not escaping its URLs properly (e.g. page.g?arg1=blah&arg2=blah), as well as using Javascript to write HTML tags to each page. Until Google fixes these two problems, it is impossible to get your blog to validate since no doctype declaration allows for unescaped URLs. <:-[

Papa's got a brand new Wiiiii

2007-02-09T11:02:00.000+01:00

Oh man, I'm gonna be so popular.

Note to other people in NL: Wii's are not yet sold out in Germany! :D

Short & Sweet

2007-02-04T20:18:00.000+01:00

Short post:

One: Jack Thompson may not be a lawyer for very long anymore. Long blog post on GamePolitics. Jack faces five counts of professional misconduct, three of which are related to his ongoing campaign against violent video games. Thompson faces the possibility of disciplinary action up to and including disbarment.

I'm surprised it took so long before court did something about this ass-clown. It was fun laughing at him while it lasted, though.

Two: Best Penny-Arcade comic in a while! Federal Bureau of Taking All Your Shit

Complete Idiot's Guide to WAMP

2007-02-03T16:47:00.000+01:00

So, you got it in your head for some reason that you want to run a webserver on your Windows machine? With PHP, MySQL and all that fancy jazz? Well so did I, so I wrote this little guide after mucking about for two days, following various guides that didn't work, were incomplete, incorrect or outdated.

If you're like me, you have been using one of the preconfigured packages, like EasyPHP or XAMPP. The problem is, after using that for about a year, new versions of PHP, Apache and MySQL popped up left and right. And new versions of those handy packages don't come out overnight. Lucky for you, it's possible to download the components separately, mash it all together and have it come out a working WAMP server!

The following howto is a guide helping you on your way with setting up Apache 2.2, PHP 5 and MySQL 5.0 on a Windows XP machine. Windows 2000 or newer works as well, Windows 98/ME will NOT (stick with Apache 1.3 for those). I tried to make it as detailed as possible without including screenshots of each step in the install process and adding 'click Next on this screen'.

Get the software

First, you'll need to download everything so you can install everything in one big swoop.

Apache 2.2 - the actual webserver. Select a mirror, then click the link for Win32 Binary (MSI Installer).
PHP 5 - the scripting language that will be the middle man between Apache and the MySQL database. Click the link for PHP 5.2.0 zip package (the installer does not have all extensions).
MySQL 5 - the database software. Click on 'MySQL Community Server', then click 'Select a mirror' for Windows (x86) ZIP/Setup.EXE. Skip past the form and click one of the HTTP links for a mirror close to your location.
phpMyAdmin - a PHP 'program' that allows you to configure MySQL. You could use the commandline programs that come with MySQL, but this is way easier. Click the link for english.zip.

IMPORTANT: If you plan on doing ANY kindof IP-based filtering in Apache, or use PHP for any kind of IP-based verification (with $_SERVER['REMOTE_ADDR']), do NOT get Apache v2.2.4!! There is a bug in this Apache version together with PHP 5 that makes it return 0.0.0.0 instead of the correct IP. This bug also affects any kind of IP address filtering with allow/deny in httpd.conf/.htaccess. Get Apache v2.2.3 instead, it works fine and does not have this bug.

Install everything

This is dead easy. Follow my lead.

Base directory: to keep things together, you might want to create a central folder where you're going to put everything. Preferably without spaces in the name. I chose to make C:\WAMP. If you prefer something else, substitute your path wherever it says C:\WAMP in the below steps.

Apache: Open the MSI installer file and click through the screens. Accept all the default settings until you reach the Destination Folder, where you will change it to C:\WAMP\Apache. If all goes well, you should be seeing a little Apache feather with a green icon in the system tray:

This is the Apache Service Monitor, which keeps an eye on the Apache process itself. It's handy for controlling Apache, but if you like, you can shut down the monitor without closing Apache itself.
Now go to http://localhost. If you get the message below, you did everything right.

PHP: Open the PHP install zip and extract everything to C:\WAMP\PHP. Make sure all the subdirectories are created.

MySQL: Open the MySQL install zip and double-click the Setup.exe file inside to start it. Pick the Custom install, then change the install path to C:\WAMP\MySQL. Let it install MySQL, skip the 'MySQL.com Sign-Up' and continue to configuring the MySQL server.
At the screen for 'default character set', select your best option.
At the screen for 'set security options', enter a root password.
Everywhere else, accept the default setting. Click Execute at the end to configure the MySQL server and you're done!

phpMyAdmin: Open the phpMyAdmin install zip and extract everything to C:\WAMP\Apache\htdocs. Make sure all the subdirectories are created. Open the install folder and rename the long-ass phpMyAdmin-2.x.x-english directory to pma.

You now have four separate pieces of software installed! Next up: tieing everything together into a neat WAMP package.

Configuring

If you did everything correctly, Apache is already up and running. Now all we need to do is:

Make Apache understand PHP
Make PHP understand MySQL
Make Apache understand MSQL
Configure phpMyAdmin

Sounds easy? Well it's not really all that easy, but that's what this guide is for.

Step 1:

Find the file C:\WAMP\Apache\conf\httpd.conf and open it in Notepad (or whatever you prefer).

Find the section with all the LoadModule lines, and add this one to the bottom:
LoadModule php5_module "c:/WAMP/php/php5apache2_2.dll" (note: use forward slashes)
This makes Apache load the PHP module.

Next, find the line that starts with DirectoryIndex. Change it so it reads:
DirectoryIndex index.php index.html
This makes Apache understand index.php (default) files.

Now find the section with the AddType lines. Add these two:
AddType application/x-httpd-php .php .phtml .inc .php3
AddType application/x-httpd-php-source .phps
This makes Apache know what to do with the .php filetype.

Save the file and close it.
Next, go back to your C:\WAMP\PHP directory and do this:

Copy the php5ts.dll file to C:\WAMP\Apache\bin.
Copy the php.ini-recommended file to C:\WAMP\Apache.
Rename the file to php.ini.

Open the php.ini file in Notepad, and change this line:
short_open_tag = Off
to:
short_open_tag = On
This allows for writing php using the short <? .. ?> tags.

While you're at it, change this line:
;session.save_path = "/tmp"
to:
session.save_path = "c:\windows\temp" (or wherever your temp folder is)
This lets PHP know where to store sessions.

Double-click the Apache icon in the system tray and click Restart to make Apache read the new configuration. Apache is now configured to understand PHP!

To test this, create C:\WAMP\Apache\htdocs\index.php. Then open it in Notepad and type <?phpinfo()?>. Save the file and close it.
Go back to http://localhost and refresh. If you see a boatload of PHP information, you did it!

Step 2:

Now the next part is adding MySQL support to PHP.

Find the file C:\WAMP\Apache\php.ini and open it. Find the line:
extension_dir = "./"
and change it to:
extension_dir = "C:\WAMP\PHP\ext"
This lets Apache know where to find the MySQL extension for PHP.

Find the line:
;extension=php_mbstring.dll
and change it to:
extension=php_mbstring.dll
This loads the multi-byte string extension so phpMyAdmin can handle strings correctly.

Find the line:
;extension=php_mysql.dll
and change it to:
extension=php_mysql.dll
extension=php_mysqli.dll
This lets Apache load the two MySQL extensions from the PHP extension directory.

Save the file and close it. PHP is now configured to use MySQL!

Step 3:

All you need to do now is make Apache load MySQL. Easy enough!
Find the file:
C:\WAMP\MySQL\bin\libmySQL.dll
Copy it to:
C:\WAMP\Apache\bin\libmySQL.dll
This makes Apache load the MySQL library.

Go back to the Apache Service monitor again (double-click the icon in the system tray) and restart Apache once more to load all the new settings and libraries.

Step 4:

Now go to http://localhost/pma to load phpMyAdmin.
Since you haven't configured it yet, it can't access the MySQL database.

To do this:

Go to the C:\WAMP\Apache\htdocs\pma directory.
Rename the config.sample.inc.php file to config.inc.php.
Open the file in Notepad and find this line:
$cfg['Servers'][$i]['auth_type'] = 'cookie';
Change it to:
$cfg['Servers'][$i]['auth_type'] = 'config';
Below it, add this line:
$cfg['Servers'][$i]['user'] = 'root';
Below that, add this line:
$cfg['Servers'][$i]['password'] = 'your MySQL root password';
Find the line with controluser and delete the part pmauser between the quotes.
Find the line with controlpass and delete the part pmapass between the quotes.
Save the file and close it.

If you reload http://localhost/pma now, it should give you the main screen for phpMyAdmin.

You're done! Everything is setup now. Your WAMP server is finished!

Problems?

If you can't get to http://localhost, Apache isn't running. Go to Start > Run > services.msc, find Apache2 in the list and start it. If it's not in the list, reinstall Apache.
If Apache doesn't start, there is an error in the httpd.conf configuration file.
If no one can get to your webserver, make sure your firewall and/or router allows it.
Make sure you did everything correctly!

This is a Belgian virus. Please forward it to everyone and then delete all your files.

2007-01-29T10:14:00.000+01:00

Today I received my first spam message to my private university email account. I haven't read spam messages in a long time, but this one caught my eye for two reasons. The full body of the spam was:

Good day,

Viazzgra $1, 80
Ciazzlis $3, 00
Levizztra $3, 35

http://www.printeryml.*com ( Important ! Remove "*" )

--
Dobby stood for a moment, quivering all over, horror-struck by his own daring then he rushed over to the nearest table and began banging his head on it very hard, squealing, Bad Dobby! Bad Dobby!

First off, that URL is not even remotely valid. It includes an asterisk, and the message instructs the user to remove the asterisk before going to the address. That's INSANELY STUPID. A while back there was an email virus that evaded email scanners that blocked suspicious .zip files by sending .rar files with the payload. In a password-protected .rar file. So the spam message instructs the spammee with detailed instructions to save the file to disk, open it in WinRAR (which is not as commonly used as WinZip), extract the file, enter the password, find the extracted file, and then open it to launch the virus. Erm, I mean, porn movie. Whatever. Understandably, the virus was not very widespread.

Secondly, does anyone recognize the text at the bottom, cleverly intended to fool spamfilters into thinking it's not spam since it has full sentences?

Yes.

It's from Harry Potter and the Goblet of Fire.

I gotta say, spam is getting more Belgian every day.

Mr. Kers, NO ONE UNDERSTANDS DAS PARFUM

2006-12-15T12:24:00.000+01:00

Just last night, I went to see the movie adaptation of Patrick Süskinds Das Parfum, named Perfume: The Story of a Murderer. Having read the book roughly ten years ago, I found that the movie was very true to the book. However, if you haven't read the book, some parts of the movie might not make much sense to you. I won't go into any of the details here (so no spoilers) but the gist of the story is about a boy named Jean-Baptiste Grenouille, who possesses an extraordinary sense of smell. After he discovers he has no smell of his own, he endeavors to create one, being the world's most perfect perfume. Throughout the book, he becomes more and more disgusted with mankind, isolating himself for years in a deserted cave before re-entering the world and learn about the technique that will enable him to create his perfect perfume.

I read this book when I was in highschool when I was about 16, and it impressed me in the same way that Spider-Man impresses me: he can do something that no one else can (except Tobey Maguire uses his skills for good). The story goes through different stages, and this makes for a very enthralling movie. Even moreso than the book.
However, when it was time for my book exams, surprise surprise, my German teacher did not just touch upon this book, he dived into it. And took me with him. Apparently, there was a deeper meaning to the story that I had not understood. That I had completely missed, even. Instead of focusing on the several books of Kafka (and reviews, and documentaries) that I had read like I expected, he completely teared me apart of some bullshit allegory that was hidden in the Perfume book. Supposedly the entire thing was somehow an allegory for a teen growing up in puberty, going through several stages of mental maturity, blah blah blah. I failed the book exam very, very thoroughly. (On the other hand, I completely aced the written national exams, balancing my grade out nicely.)

So as you can expect, I was very anxious to see if anyone else could see the hidden meaning of the story after it was made into a movie. Surely, the movie critics know a lot about the stories movies tell, and their deeper meaning? Those guys, who have seen hundreds of movies, will see the hidden meaning of Perfume within a minute? Right??

No.

I have looked at every movie critic's review I could find. I have read all of them very thoroughly, skipping over the parts that praise Tom Tykwer for making a great costume drama with the budget he had, praising the beautiful close-ups of the murdered girls, and the performance of the lead characters, Ben Whiskaw and Alan Rickman. I even read the Wikipedia pages about the book and the movie, and the story's deeper meaning is mentioned NOWHERE. It's not there. I really doubt all the movie critics, as well as myself, can be wrong. It's not there.

So it is with absolute great pleasure that I can finally say, after ten years, to my old German teacher:

NO ONE UNDERSTANDS DAS PARFUM.
THERE IS NO HIDDEN MEANING IN THE BOOK.
STOP ASKING YOUR STUDENTS ABOUT IT BECAUSE IT IS BULLSHIT.
FUCK. YOU.

Ballmer: Linux is infringing on Microsoft's IP

2006-11-21T12:01:00.000+01:00

Steve Ballmer, the man up top at Microsoft whom you all know (monkeyboy dance, developers, Google chair toss), says that Linux users infringe upon Microsoft's intellectual property and that the only Linux distribution that is legal in his eyes is SUSE Linux, owned by Novell, which has payed $40 million to Microsoft, in return for Microsoft's promise not to sue SUSE or Novell later on for patent infringement. Actually, Novell paid this only after Microsoft gave Novell $440 million for service coupons. Ballmer says Microsoft is willing to make the same $40 million deal with other Linux distributions.

What the hell? IP infringement? What the hell is that supposed to mean? Just because the graphical interface of Linux also has Windows, buttons and a taskbar does not mean it's stolen from Microsoft. Unix and even Xerox have had this for decades. Microsoft in no way holds the patent to a WIMP interface. If that is even the part(s) of Linux that Ballmer is talking about. It's nowhere to be found what parts actually constitute the patent infringements.

Not surprisingly, the Linux community has responded furiously.
RedHat asked Ballmer to reveal what parts of Linux are infringing, so that they may remove or workaround the patent infringement.

The Samba group asked Novell to reconsider and undo the settlement, citing obligations to the open source community. Samba also mentioned that this deal is a GPL violation.

Novell says that the $40 million deal has nothing to do with settlements for patent infringements.

Linux users themselves are just laughing about this.

This could be fun. I'd like to hear Ballmer get all worked up and blurt out that Linux is illegal, except for the ones that paid him off. This is like the SCO lawsuits all over again.

I feel old

2006-10-16T10:22:00.000+02:00

I just read an article about FireFox 3.0 on Ars Technica that has the following quote:

"One interesting request appears near the end of the list: the wish for Firefox to be the "fastest browser on the market," even in low-memory configurations such as PCs with only 256 MB of RAM."

For me, a low-memory system has about 32 MB of RAM. I feel old.

The Internet is a scary place

2006-10-02T18:45:00.000+02:00

Warning: do not show this video to someone who is computer illiterate. They might never dare use the computer again.

Computer being infected with metric fuckton of malware, set to opera music (YouTube)

Thanks to McAfee for giving me something to scare my mother with. >:)

More fun (or horrifying, depending on your POV) videos if you search for windows spyware on YouTube.

Rule #1: Spammers are stupid

2006-09-17T15:08:00.000+02:00

A post on the Sunbelt Blog caught my attention today: Spammer guy gets $11 mill judgement against Spamhaus, no one cares. That's more interesting than the title will make it seem - spammers rarely (if ever) win anything in court. So what made this one win? Intelligence? Legitimacy?

There are several unwritten rules about spammers, that most people in IT can tell you. The first one is the title of this blog post: Spammers are stupid. Face it: sending millions of people email messages they don't even want in the first place, selling stuff that doesn't work or doesn't even exist, hardly sounds like a good business model. I admit that there are spammer success stories on news sites sometimes, about a spammer who made millions, against all odds, while staying reasonably morally correct ('I never send adult-oriented bulk email. That's just wrong. What if children see it?'). What you don't read on those sites, are the thousands of stories of spammers who don't make a dime with their 'business'. Sure, there may be a handful of experienced spammers who make a few hundred bucks a month and can afford a second car, but even if they run a profit they'll stay under the radar, since spamming is becoming more and more illegal by virtue of some reasonably effective laws in a handful of states in America.

Yes, I know that I said 'few hundred bucks a month' while I mentioned success stories earlier about spammers making millions. I did this for a reason, which brings us to the second rule about spammers, as well as taking us back to the original story: Spammers lie.

The lawsuit mentioned at the beginning of this post is about a spammer called David Linhardt, who is particularly whiny and stupid. After Spamhaus blacklisted his spam-spewing domains a few times, he sued them under Illinois law - and he won $11 million by default judgment, since Spamhaus wasn't there to defend itself.

You want to know why? Because Spamhaus is located in the UK. Where US law does not apply. Linhardt may be happy about the ruling, but he won't be able to collect a dime from Spamhaus unless he files the same suit in UK court, and wins. The same goes for the removal of his domains from the ROKSO list (a blacklist with the 200 worst spammers in the world). All this is about as likely as the Earth reversing its rotation at this very moment. Because Linhardt is stupid, and lied to the judge in Illinios by saying that Spamhaus did business in Illinois and therefore fell within Illinois jurisdiction. Yep, he lied in US court. I told you spammers are stupid.

This is Darwinism at its finest. At one point this Linhardt douchebag will pick up a gun, load it, aim for his foot - and shoot himself in the nads.

Read all the articles for yourself:
CNet: Spam fighter hit with $11.7 million judgement.
Slashdot: Spamhaus Ignores $11.7M Judgement
Spamhaus: The offending ROKSO record on Linhardt (this includes several of the hilarious complaint emails Linhardt sent in response to his spam being blocked)
Spamhaus: Legal answer to David Linhardt

Oct 9 update: Uh oh. The e360insight wants the judge to order ICANN to take down the spamhaus.org domain. And since ICANN is located in the US, this could get ugly.

Oct 12 update: Well, it could have. ICANN refuses to take down the domain, saying it can't - only the domain registrar can! Who that is? It's Tucows. And guess where they are located: Canada. Where US law doesn't apply. ZING!

Oct 20 update: Phew - it looked like the judge was going to pull the domain anyway since ICANN was responsible for it, but he did not want to 'impose a sanction that does not correspond to the gravity of the offending conduct'. Also, it seems SpamHaus now has wised up and is now represented by Jenner & Block.

Beginner's Guide to Miranda Instant Messager

2006-09-12T12:50:00.000+02:00

This post is about the multi-IM client Miranda. This is a very light-weight instant messaging client that can connect to a multitude of networks, offering a lot of features by means of plugins (think FireFox and its Extensions). I've been using it for a few years now and I am very satisfied with it. The amount of different plugins can be overwhelming for a new user, so I've decided to put together a little guide on the essentials.

First off, get the bare client straight off the download page. And when I say bare, I don't really mean that: it includes the Miranda client itself, and plugins to get online with AIM, ICQ, MSN, IRC, Jabber/GoogleTalk and Yahoo. (A note on GoogleTalk on Miranda.) It also has a plugin to import contacts and history from ICQ. It should look something like the screenshot to the right when you first run it (though probably with more contacts in less groups). Skip ahead to the bottom of this post to see what my contact list looked like after everything was installed and configured.

The Options dialog is very, very complete - especially when you enable 'Show expert options'. You'll want to start at the Networks section, to fill out your account details for all IM networks you have an account on. The 'Status' menu in the main window allows you to set the status for each IM protocol independently, or all at once.

Now I know you're going to ask yourself: 'Is this it? A completely boring contact list with some icons?' and I know it looks pretty bland like this. Luckily, we can fix that! There are plugins for nearly everything you're used to in the regular IM clients. Installing plugins is really easy: you just grab it off the Addons page, unzip it, drop the dll (or two) in the 'Plugins' folder and restart Miranda. It loads right away and if it has options, it'll add a section to the Options dialog. Occasionally a plugin has a separate dll for icons, a smiley pack or documentation, which you can drop in folders 'Icons', 'Smileys' and 'Docs', respectively. Usually the Readme file included in the zip is helpful as well.
If adding a new plugin causes Miranda to start crashing, look for a Unicode version of the plugin (Windows 9x/ME uses ANSI versions, Windows 2000/XP and newer use Unicode versions) or a newer version. If both fail, hop on the Miranda forums, find the discussion thread for the crashing plugin and start reading. Most likely someone has the same problem and posted a solution or a workaround.

Modern Contact List (aka clist_modern)

This is the most dramatic change to your contact list that you will see. Download the Modern Contact List plugin to enable skins on your contact list, user avatars and other fun things. The default skin is pretty snazzy, and you can get even prettier ones from the Miranda website. Customizing an installed skin isn't that hard (Options > Customize > Skin), though you'll probably screw up once or twice trying to figure out what everything does (like me), so make a backup of your database first.

Other plugins that go with clist_modern nicely:

Avatar Service (aka Loadavatars)
This is a general avatar service to complement Miranda's own, which can be used by other plugins. By itself, it makes sure all your contacts' avatars are current and displayed on your contact list.
Fingerprint
This plugin detects what IM client your contacts are using, as well as the client's version. Very cool. This goes together very well with mToolTip, described below.
Icon Library Manager (aka icolib)
Another 'core' plugin that allows you to customize icons for pretty much everything.

tabSRMM

The standard layout for the sending and receiving messages module (SRMM) is probably what you are used to: one window for each conversation or contact. If you have a lot of conversations at the same time (or just keep them open, like me), this will produce a lot of windows and clutter things up. The Tabbed SRMM plugin groups all conversations in one window, using tabs (again, think FireFox). The keyboard shortcut 'Esc' to close a conversation tab is especially great.

mToolTip

This one is not available on the Miranda website itself, but it's great: it creates a bubble tooltip with useful information when you hover the mouse cursor over someone in your contact list. The plugin itself is just the engine, so it still needs settings to create the tooltip content. It's a bit complex, but well worth the effort: get a mToolTip template from the Miranda website, then get the Database Editor++ to load the .ini file from the template. Detailed instructions on doing this are in the Readme file for the mToolTip preset.

Popup Plus

Miss the popups that MSN Messenger creates on events like receiving a new email, getting an IM, seeing someone come online? Well, no fear: the Popup Plus plugin is here to save you. It will even notify you of people typing their first message to you (before the conversation window has opened), which is useful as well as good fun ('hey, how'd you know I was going to ask you something?').
This also alerts of you of new email on the protocols that support it.

SmileyAdd

I bet you REALLY miss this in conversations, huh? Well, just get the SmileyAdd plugin and all smileys you type or receive in messages will be converted to pictures. You can select to have each protocol use its own smiley pack, or have all use the same basic one. The only drawback is that MSN Messenger's custom smileys are not supported. (The MSN plugin itself seems to support them from Miranda 0.6.6 and up.)

For the MSN protocol, I'm using a smiley pack with the exact same smileys that MSN Messenger has, but unfortunately it's no longer available from the Miranda website: here it is.

Updater

Since Miranda is an open source project, updates will happen often. Very often. The Updater plugin can keep track of this, and if you put it on the most sensitive setting, don't be surprised when you get updates to some plugins several times per day. Put back the 'Update on .. change' setting a notch and you should be fine. The only thing it won't alert you to is new versions of the Miranda core engine itself - so you'll have to check for this periodically. I subscribed to the Miranda blog myself to keep an eye on this.

History++ 2in1

To keep track of your messaging history, there is a default (embedded) plugin that logs all messages. This default is not very good, though - you can't see more than one message at a time and it's 'find' function can be a bit... dyslexic. The History++ plugin has a lot better features and gives you a much better overview. It tracks conversations as well.

Weather

Very useful if you want to know it the weather's going to be any good this week. It acts as a special protocol plugin, so you can add weather stations all over the world as contacts in your list, then group them together.

MyDetails

MSN Messenger has a frame at the top that shows your current avatar picture, your nick and your status. If you get the MyDetails plugin, Miranda can have this too! The plugin is still in developmental alpha stage, but it works very good. A bit of tweaking with the settings and you'll have it look very much like MSN Messenger. And this plugin works for all the other protocols as well! If they support avatars, you'll see them in the frame as well.

Final result

After I finished installing everything, tweaking my settings and got everything working, my contact list looks like the lower right picture. You can see the progress nicely when I install additional plugins.

Default layout	Modern Contact List

Fingerprint + Loadavatars	MyDetails

UPDATE: Since the implementation of the MSNP11 protocol for MSN, developers are starting to add features from the new MSN clients to Miranda. Nudge and ListeningTo (alpha stage) are among these. If you have Miranda 0.6 PR 2 or newer, you can add the 'listening to' information to the mTooltip settings. (You won't need the ListeningTo plugin for this.)

Add this to your mTooltip.ini:
[ListeningTo]
DBSub=MSN
DBSet=ListeningTo

Then add this somewhere in the MSN mTooltip setting (Options > mToolTip > Advanced > MSN) to show the info, if it is set by a contact:
%%Media: <b>(8) %user_ListeningTo|%%%%|</b>

ANOTHER UPDATE: Miranda 0.6.6 (in rapid succession to 0.6.5 and 0.6.4) was just released, and if you upgrade from 0.6.3 or earlier you'll find that Miranda can't find your profile anymore. You need to move the profile.dat file, see this thread on the Miranda forums.

We have a crisis! The perpetuum mobile has been invented!

2006-08-30T15:14:00.000+02:00

The title of this post refers to the crucial words of one of the members of the 'Topmost Ten' in a Oliver B. Bumble comic by Marten Toonder. These Topmost Ten people were the richest people in the world, owning everything. They lead a horrible life of paranoia since they can only lose their possessions and gain no more. The story details of Bumble acquiring a certain machine from a woodland friend, which he claims has a wheel that turns forever, powered by nothing.
Understandably, the Topmost Ten immediately declare defcon 1 because this perpetuum mobile, when made public, will instantly turn all other fuel resources useless and without value. The story is great.

So, what about it? It's just a story, the perpetuum mobile does not exist. Not only that, it's a physical impossibility that would destroy the world if invented. (Because every machine produces heat, and a machine that produces heat from nothing will eventually cook the world.)
Well, there is this company, you might have heard of it. They're located in Ireland and are called Steorn. The first time anyone heard of them was when they put forward a promotional video, which was posted on BoingBoing. While the video is riddled with marketspeak, vague claims and snakeoil, it also describes a technique they invented that providesd 'free energy'. In other words, it produced more energy than it required for operation. They claim to have reached fuel efficiencies of 285%. Yes, they claim to have invented the perpetuum mobile.

So how does it work? Well, they won't tell. The promotional video just babbles vaguely about meticulously arranged magnets. On their website, they're inviting people to sign up for a chance to test their technology for flaws, but a recent article in the UK Guardian says that scientists who signed up didn't receive squat because Steorn is so afraid to lose the intellectuel property rights to their revolutionary technology. The whole thing is being compared to two scientists (Pons and Fleischmann) who claimed to have cracked the mystery of cold fusion back in 1989: a lot of claims and promises to change the world, but no actual proof.

Could Steorn be serious? The physicist in me says 'no' without a moment's hesitation. The perpetuum mobile is physically impossible in this universe. On the other hand, Steorn put a lot of money into a full-page ad in the Economist. They openly challenge scientists to come and prove them wrong. But the sentimentalist in me can't convince the physicist.

Plus, Marten Toonder is right: a perpetuum mobile would wreck the world's economy.

Quick note rollup on Intel Centrino wireless vulnerability

2006-08-30T13:51:00.000+02:00

(This post sponsored by the F-Secure blog :P)

Just a list of quick notes about the recent problems with Intel Centrino's wireless network card drivers:

Aug 2: Very very bad bugs were found in certain Intel-based systems with wireless network cards. Basically, if you have a laptop (any platform, even Mac) with an Intel Centrino wireless network card, it can be rooted removely by someone within range of the wireless network. F-Secure blog post. The post includes a link to a demonstration video.
Aug 2: Luckily, Intel was notified beforehand and released an update about the same time. F-Secure blog post. The 'update' was 130MB, which was a bit large for a driver update.
Aug 3: The update was buggy. Driver incompatibilities. The enormous size was because of bundling 32-bit and 64-bit drivers as wel as some Intel network tools in one package. F-Secure blog post.
Aug 14: Concerned by user feedback, Intel split the download into two packages, as well as a driver-only download. F-Secure has the scoop.
Aug 21: One of the programs in the update packgage is insanely buggy, eating up memory and CPU at alarming paces. Killing the process has no adverse effect if you let Windows XP handle the configuration. F-Secure.
Aug 24: Intel finally releases an updated version of the update package that fixes all the bugs. The End.

So...

Did you patch if you were vulnerable?

Did you re-patch if you didn't have the latest version already?

Linux has almost passed puberty

2006-08-23T11:05:00.000+02:00

Last week, someone recommended a Linux distribution to me. This was the Ubuntu live CD distro, that is bootable off a CD and is immediately ready for action. I decided to give it a try. This is a write-up of the past two days where I played with it.

Linux in the past

Now before I launch into the boxing match I had with this CD, let me explain my past experience with Linux. About six years ago, when all I had was a crummy Pentium I laptop, I tried to make Windows 98 dual-boot with Linux. I tried no less than five different distros and all of them messed up in one way or another. Redhat, 2 versions of Mandrake, SuSE, Slackware with X... no go on each one. Either it didn't recognize half my hardware, or it failed to boot, it failed to leave Windows alone, it failed to let itself be configured by a Linux newbie like me, or installing it was just too incomprehensible. I concluded that Linux was not ready for the desktop by a long shot and vowed to never try it again.

Years later, I decided that it was time to take it for another spin on my new desktop system, seeing that there was this thing called Knoppix Live, which allowed you to try Linux from a CD, without changing anything on your system, bla bla bla, the usual. While the CD booted nicely and recognized most of my hardware, the UI problem was still there - I gave up when I had to reboot in order to change the screen resolution, which is useless since the whole thing was on a read-only CD. I know you're going to shout at me for not knowing the keyboard shortcut for restarting X without rebooting the entire system, and I don't care. I'm a Linux newbie. If I can't work it, it's not ready for the desktop yet.

What I want from Linux

Now, another 3 years later, I hopefully burn the Ubuntu ISO to a CD, slam it into the CD-ROM tray of my brand new laptop and reboot the system. I'm mildly excited. I have several general goals and expectations of this Ubuntu thing in my head that I want to achieve and see:

I want Ubuntu to recognize all my hardware, including the Intel wireless network card and the plug-n-play wireless USB mouse I have.
I want to be able to access my NTFS Windows partition.
I want to find, install and be able to use the same (or similar) applications that I am using in Windows XP. These include:
- A good browser. Opera is my primary choice, but FireFox will do.
- A P2P program to connect to my DirectConnect hub. I know about Valknut and I'm going to try it.
- An IRC client. I'm used to mIRC so I want one with a similar feature set.
- An FTP client. Before I rebooted, I was uploading a few things to our home entertainment system computer. I want to resume those.
- An multi-IM client. I'm used to Miranda. I know about GAIM so I'm going to try that.
- A proper music player. I use Winamp almost continuously to listen to Shoutcast radios, as well as play MP3s. I heard about XMMS and seen it a few times. It looks a lot like Winamp so I'll try that.
- A file manager. I'm used to Total Commander but I doubt something that advanced is available in Linux.
- An easy-to-find command line. I know how Linux is centered around the command prompt more than Windows, so I want to use that.
I want to be able to achieve all of the above, without rebooting. (obviously)

All in all, these points are what I expect an average user would want to be able to do with Linux: getting things to work like they do in Windows, in a comparable amount of time.

The Linux Experience

[Hardware] The CD boots nicely, though the boot process is an ugly mess, with screens ranging from text scrolling past on a black screen right up to a GUI progress box with sound (ooh pretty), then back to text, back to the GUI, etc. But it works. I'm slightly more excited. The desktop looked like this, nice and clean.
First on the agenda is getting the Interweb to work. I'm baffled to see that just inputting the SSID and WEP key (bite me) works right off the bat. This is even better than Windows, where I need an installation CD, a migraine and three reboots to get the wireless network card working. Very nice.
[IM] Next up: GAIM. I've got a friend who uses it exclusively and it works very good. MSN is up and running in no time at all. No MSN avatars, but that's no disaster.
[P2P] Foolishly, I skip right to Valknut. This is where it gets ugly. The homepage for Valknut has no Ubuntu option, but after a bit of digging in the online Ubuntu help I learn that Ubuntu is based on Debian, so I pick that option instead. Unfortunately, the development page for Debian Valknut is dead. Hmm. Being the clever chap that I am (i.e. moron) I download the Valknut source and try that.
After a bit of reading I am greeted by an error message 'bash: 'make' command not found'. Uh. I thought that was the point of open source? Compiling things yourself? Apparently not. The Ubuntu folks probably didn't think someone who boots Linux off a live CD is going to compile things by himself. Curses.

By now it's near midnight and I need to get up early for work tomorrow, so I call it quits. I reboot and remove the CD.

End of day 1.

Next day, I decided to give it another whirl. Insert CD, reboot, start Ubuntu, setup wireless network, and on to the less obvious tasks. GAIM once again signed on perfectly to my MSN Messenger, ICQ, AIM and Yahoo accounts. GMail/Jabber did not.
[Music] The standard music player is Rhythmbox Music Player, which refuses to add my favorite Shoutcast station to its list of 'radio stations'. The Add/Remove Applications tool (which is very good) shows that XMMS can also be downloaded and installed, which I do. XMMS also won't let me add a Shoutcast station.
Well then, on to the music that is already on my drive. Since it wasn't auto-mounted (mounting is pretty hard for newbies like me) I searched the Ubuntu documentation for something that would. A script to mount all drives was quickly found, and surprisingly I was able to download and run it. A minute later I'm listening to the soundtrack of Pirates of the Caribbean. Nice!
[P2P] Now that I've got some music, I decide it's time to try Valknut again. Skipping the Valknut homepage, a Google search for 'debian valknut' has more success. One .deb package later and Valknut is running! No wait, it's not. It needs a few packages on which it depends. Easy enough to download and install them, but some of them require additional packages. Fortunately this doesn't devolve into a maze of dependencies and version conflicts and Valknut can be persuaded to run after four or five extra packages. Another goal achieved. Something to remark here that caught my attention: there seems to be no difference between a folder with execute rights, and an actual program.
The Valknut client itself seems pretty poor. I can't find tabs, accidentaly close it at least half a dozen times, it has no system log or visible system status, doesn't accept custom commands or user commands, etc. But it works. I can chat and I can download.
[IRC] Searching the software installation list yields something called 'X-Chat'. I heard of that so I install it and run it. The design is different from mIRC and it's a bit clunky. The usual networks I frequent are not in the list so I have to add them to the server list, instead of just being able to type /server irc.server.com like I'm used to. An incredible stroke of luck is stumbling upon a #linux help channel with some helpful people, which speeds up my progress.
[browser] Right about now I decide it's time to try Opera 9 for Linux. Firefox is great, but I really prefer Opera. There are 5 different Debian versions and 3 different Ubuntu versions of Opera, so I pick the latest Ubuntu one.

However, I run into something strange here: quirky dependencies. Opera requires some 'libqt' upgrade, but since the older, existing version is used by Valknut, it requires I uninstall Valknut?? It's almost like Ubuntu wants me to use Firefox. Fine then.
[File manager] I touched on this yesterday so I'll install it again: the Thunar File Manager. The file structure system of Linux is an absolute maze to a Windows user, and I keep forgetting where my mounted drives, my desktop and my home folder is. I need bookmarks. Thunar works pretty well though.
[Terminal] I'm making good progress here, even considering it's my second day on this. The Terminal is in the default application menu so no worries there. It seems I'm logged in automatically as some kind of limited user, and that the root account has no password. So anything I do in 'system settings' that needs root access only requires me to click 'Approve' and it works. Anything in the command prompt only requires 'sudo' in front of it. It's easy to work with, and I'm not working as root (which seems to be important in Linux).
[FTP] Last is the FTP client on my list. The application list recommends (i.e. lists as my only choice) gFTP so I get that. It works like a charm and resumes my uploads flawlessly.
It's almost midnight again so I sign off GAIM, set Valknut to away mode and close the lid. This was.. fun. :)

Conclusion

All in all this was the most successful I have been with Linux so far. Seeing how it boots from CD, I don't have to meddle with the installer, partitioning or dual-booting. Since both my hardware and the Ubuntu CD are new, everything is automatically detected. Desktop Linux has become way better, but it's not ready yet.

Pro:

Hardware detection is excellent.
User support is great if you know where to look.
Everything is customizable. The default settings may not be the best, but most are very well thought-out.

Con:

No consistency. I installed about 8 programs, and 5 of them have differently-styled GUIs, ranging from extremely large-font and ugly (Valknut) to insanely small (XMMS). The WiMP styles vary wildly.
File and folder organization is very, very different from Windows. I keep losing my way.
When you don't know how to do something, there is hardly any guidance. When you do something wrong, there is hardly any explanation.
Performing basic tech tasks, such as determining the kernel version or memory usage are not as easy as they seem.

My answer to the question 'is Linux mature yet?' would be 'almost'. The user experience has improved vastly since the early years of Linux, and a lot of Microsoft Windows features have been mimicked (which is good). On the other hand, some things still need work, like consistency, standards and help.

It's clearly almost ready for the desktop, but not yet. Maybe I'll do another test drive in a few years and see if it's ready then. :)

The Jack is back

2006-08-21T12:19:00.000+02:00

About ten months ago, I did a writeup of Jack Thompson's actions up to that point, which included throwing hissy fits over video games such as GTA, The Sims 2, and unsuccessfully bullying several online comics about video games. Well, there is some good news for people who, like me, love watching the first few rounds of Idols (American Idol in the US) just because it's so much fun to watch people crash and burn.

As most of you should know, Rockstar Games is close to releasing a game called Bully, where you play the role of a schoolyard bully, beating your fellow wimps, uh, students, ultimately taking over the school. It's like GTA for kids, by kids, with kids. Except that it's not for kids. With all the beating and stuff. The game will be released in October.

Anyway, Jack has taken it upon himself to make sure this game is a-ok to play for people. In early 2005 he supported a campaign to discourage Rockstar Games from releasing the game at all, calling it a 'Columbine Simulator' (though there are no guns in the game as far as I know). How did he do this you ask? Simple. On August 16, 2006 he filed a petition, demanding that Rockstar Games provides him with an early copy of 'Bully'.

Wait, what?

Yes. He wants it for himself and others, to analyze it "to determine whether it still poses a threat of copycat violence in our schools."

Not surprisingly, Rockstar ignored him. So, ever the resourceful fellow, on August 18 Jack Thompson sued Wal-Mart, Best Buy, Target, Circuit City, GameStop and Toys 'R' Us seeking an order to stop the release of the game in October.

This is great, I can't wait for the outcome of this, so much fun. I'll definitely be playing this here Bully game. Finally I can get revenge!

--
Oct 12 update: The judge actually ruled that a Take Two representative must play Bully for 100 hours while the judge watches, to determine if it's bad enough to be banned. Take Two seems to think this all publicity is good publicity for them, but this is starting to cross the line between 'funny' and 'what the hell'. Ars Technica has the full scoop.

--
Oct 13 update: The verdict is in! After only two hours of viewing, the judge decided that while he wouldn't want his children to play it, Bully will appear on store shelves normally. Jack Thompson states "I may be full of crap about this game, and I may be wrong, and that's fine." And I intentionally misquoted him on that. Source: Ars Technica.

Opera? More like, Opwnera, amirite?

2006-06-21T17:54:00.000+02:00

It's official. Opera is now better than FireFox. And this not my opinion. No, my friends, it is FACT.

Yesterday, those great guys in Norway released version 9.0 of their Opera browser. It's great. It's bliss. I think I creamed my pants three times before even finishing reading the page that lists the new features. Back when Opera was at their 7.x series, I briefly deserted and used FireFox for a while, and the main plus for me was the AdBlocker plugin. I blogged earlier that there was a trick to make Opera block Flash embeds which efficiently also blocks 90% of the online ads, but it wasn't the best. But now that Opera added a Content Blocker, I will never again have to switch back to the sloth that is FireFox.

The major new features:

It has a god-damn content blocker. Goodbye, ads! Still take a bit of digging through the source to block embedded scripts, though.
It has a built-in BitTorrent client. I'm really not kidding. It's not µTorrent, but it's pretty awesome.
Tabs thumbnail preview. Pretty sweet. Hover your cursor over a tab and a mini-version of the page pops up along with some details.
Per-site preferences. You know all that sweet stuff you can setup for a browser to make it more secure and comfy? Like cookie settings, popup blocker settings, enable images, enable javascript, enable plugins, and like a TON more... you can now do that for each page separately (or have it use the default).
Widgets. I haven't tried any yet, but judging from the Opera Widget Guide it looks like they're essentially like FireFox's plugins. Or Vista's sidebar components. Or Windows's ActiveDesktop elements. Or Javascript widgets. With cream. Say aah.
Customizable search engines. Used to edit your search.ini yourself? Well, not anymore. Everything you could do in there, you can set from the Opera UI itself now, without restarting the browser. Even search forms that use POST data! (Which FireFox still can't do reliably or easily.)
opera:config. So FireFox stole a few (well, a FEW) features from Opera? That's cool, we'll steal back one or two. This looks like you can essentially edit the opera6.ini settings file from within Opera.

And don't forget: Opera is free!

So is there anything I don't like? Unfortunately, yes. It seems like each major version upgrade, keyboard shortcut keys change. Though I love the feature in itself very very much, it's not handy if each time I memorized all the keyboard shortcuts, they change in the next version again!
In the first few minutes of using Opera 9, I noticed that New tab, Paste and go, Close tab... three of the most-used shortcut keys I use, and all three keyboard shortcuts are different. Why?

[edit] Oh, nevermind. You can change keyboard shortcut assignments. Hooray! :)
[edit2] I can no longer login to Hotmail with Opera 9. Boo.
[edit3] Well, I can, but only if I allow normal and third party cookies from *.msn.com, *.live.com, *.hotmail.com, *.passport.com and *.passport.net. Gotta love Microsoft for shoving you through 5 different domains (and at least 3 times as much servers) before logging you in to Hotmail.

I am become Death, destroyer of rootkits

2006-05-20T22:11:00.000+02:00

So... last friday, I was at work and witnessed the most amazing thing someone can see in the field of IT. I will tell my grandkids about this one day.

Before I tell you what it was, let me tell you some background story. I work at a small and successful IT company with a few friends from university and other great coworkers and bosses. Our server farm (database and webservers) is physically located several dozen miles away from us, but they all have RealVNC installed so we can access them remotely. RealVNC basically shows you the desktop of the remote server, so you can work on them as if you were sitting right behind them. Our servers even have some kind of 'panic' switch installed on a hardware level that allows us to remotely reboot the servers in case of a serious crash, by sending a text message to a certain cellphone number (which is, of course, the coolest thing ever).

Anyway, two weeks ago I read an article about a vulnerability in RealVNC 4.1.1 at work, but since the proof-of-concept code published by the same site required you to use the server with VNC installed to load their website, which would then check for the vulnerability and tell you, we figured it was a phishing scam and forgot about it. I mean, if somebody told you they could hack your system, but to prove it, you'd have to turn off your firewall and antivirus, and open this strange-looking file... would you do it?

Well, this week we thought, in retrospect, that we should at least have checked the version number on our VNC servers and checked if our servers were actually open to attack.

Because we got attacked. Live. While me and two of my friends were looking at the server's screen at work. We actually witnessed the hacker hacking our server. Hollywood has nothing on this.
We VNC'ed into one of the servers for some routine work, and a command window was open with loads and loads of shell commands scrolling past - adding users, changing registry keys, downloading files, setting attributes (mostly 'hidden' and 'system') in an endless stream of DOS commands that were scrolling by.
At first, we thought it was our sysadmin, doing some complex Win-fu far beyond our IT abilities. But this didn't seem like something he'd do - why would he merge something into the Registry called 'hide2.reg'? Then the stream of shell commands stopped, and to verify what we thought, I typed at the command prompt:
C:\>who is this?
To our surprise and immediate panic, someone typed:
C:\>who is this? I'm PeeWee.
..and quickly closed all the command windows and disconnected from the server.

So we immediately called our sysadmin to tell him what was going on and ask for help. Now, mind you, none of us three (it was early in the morning and only us three had witnessed the owning of one of our servers, a fourth coworker was in the next room) are laymen when it comes to computers. So even while we were talking to our sysadmin on the phone, the other two made plans to shut down RealVNC on all servers and use Terminal Services (Microsoft's own remote access program) to connect to the servers again and upgrade RealVNC to the new updated version that was released on May 20, two days after the earlier proof-of-concept page was published. After we finished talking to the sysadmin, we went to work. One of my friends started upgrading RealVNC on the servers. The other started calling our bosses and tell them what just happened.
They told me to go and clean up the servers, if possible. And I never had as much fun that day at work before. I'm serious.

The first server I checked was the one we witnessed 'PeeWee' working on. Not really knowing where to start, I downloaded a few power tools from SysInternals.com and started snooping around. Mind you, I have written my own security programs, but they really don't compare to the ones you can get off the SysInternals website, all for free. Some even with source code included! They're awesome. And did I mention they started the whole Sony rootkit controversy?

Anyway, after a few hours of snooping around on our poor infected servers, I found the following:

4 of our 20-ish servers had been hacked.
All four had been 'converted' into FXP Warez sites. FTP server, remote access, rootkit, hidden folders for the warez, it was all there.
The hacker was still working on the server we caught him on, so that one hadn't been fully converted. It's possible we would have never found out about this if we hadn't caught him in the act.
The hacker had most likely found used a portscan on the default RealVNC port, found all of our servers, and used the brand new exploit. The only reason not ALL of our servers had been owned, was because they are all setup to lock themselves after a few minutes of being idle. The four servers that are used most often were not locked, and those were the four that were hacked.
The hacker had used the same package of tools on all the servers, though configured slightly differently to have the FTP servers identify themselves as part of different FXP networks. In other words, our friend PeeWee was probably a scanner/hacker for multiple FXP boards.
After I was done fixing the servers (which took me all day, i.e. roughly 7 hours) I had 6 megabytes of crap in zipped folders from each of the four infected servers for our sysadmin to look at. I had already looked at most of it and found a lot of fun things like passwords, FXP board names and the tactics used by these kind of hackers to hide their stuff on a compromised server.
PeeWee's package of tools consisted mostly of a hacked version of the Serv-U FTP server, a few trojans and droppers, a command-line remote access tool, and Hacker Defender.

Now, not all of you might be familiar with Hacker Defender (aka 'Hxdef'), so take it from me: it's the absolute worst of all rootkits. If there is an entry in the dictionary for 'most perfect rootkit written by most unscrupulous person', there would be a picture of Hacker Defender next to it. The guy who wrote is actually started selling it at some point, in a variety of versions on his website (which doesn't exist anymore), ranging from standard (just the rootkit) to 'Gold' (the rootkit, with all possible antivirus-evading technology, a very strong encryption on the .exe and a unique signature) for prices ranging from $100 to $300 or so. The website also included a movie clip from a Windows machine being infected with it, followed by a few minutes of using over half a dozen anti-rootkit programs on the same system, none of which found Hacker Defender. It's that hard to remove. But it's not perfect. Especially not the version that had been installed on our servers.

Basically, all you have to do to remove the standard 'free' version of Hxdef, is run SysInternals' Rootkit Revealer to find the name of the Hxdef service, and stop that service. The rootkit will then remove all of its hooks from the system, and uninstall itself completely. So stopping the proper service will not only uncloak any hidden stuff, it will also disable and delete the associated service! It's great - like groping for the lightswitch in a dark room, finding it, flipping it, and then seeing a circle of monsters around you that have been frozen by the light.
After you stop the Hxdef service, you are left with three files: the rootkit itself (something .exe), the kernel-mode driver (something .sys) and the configuration file for the rootkit (something .ini). The only thing that's left to do is open the configuration file in Notepad, delete the obfuscating crap that has been put in there to evade antivirus detection, and you know what the Hxdef rootkit was hiding. And then you can delete that. In my case, this was mostly ftp server files, Registry keys for hidden services (like 'Logical Disk Manager client services', 'Microsoft Netlog' and more important-sounding crap), and the rootkit files itself. Since the four new FXP sites were not much older than one hour, there weren't even any warez on them yet!

So is removing Hacker Defender that easy?
And do you understand why?
Because the guys at SysInternals are the smartest bloody programmers I know.
http://www.sysinternals.com/ - Thank you, Mark Russinovich and Bryce Cogswell!

Unpimp!

2005-11-30T14:09:00.000+01:00

Dear World,

Please stop using the word 'pimp' for everything that involves making something look or act retarded. It's FUCKING PISSING ME OFF. Pimps are NOT cool.

Love,
Merijn

References:
Pimp My Ride
Pimp My Ride UK
Pimp My FireFox
Pimp My Safari
Pimp My Burger
Pimp My Mint
Pimp My Warthog
Pimp My Cart
Pimp My Congressional Office
Pimp My Bride
Pimp My Faith
Pimp My PC
Pimp My Dell
Pimp My Searching
Pimp My IDE
Pimp My Genome
Pimp My Black Teen
Pimp My Console
Pimp My Scooter
Pimp My Phone
Pimp My Blog
Pimp My Google
Pimp My Bike
Pimp My Weapon
Pimp My Dome
Pimp My Electron Microscope
Pimp My Pet
Pimp My Sunglasses
Pimp My Pushchair

FFS!

Sony vs. piracy: Sony disqualified

2005-11-16T18:24:00.000+01:00

At the end of October, a nice article by Mark Russinovich of SysInternals caught my eye at Mark's blog: it revealed that a rootkit was present on his system, as shown by Rootkit Revealer. After some digging with a few of SysInternals excellent tools, it appeared that the rootkit was actually a DRM protection scheme called XCP from First 4 Internet, installed by a CD that Mark had bought from Amazon. The DRM system that Sony was using on that CD installed an application on the (Windows) system that protected both the CD itself and the software player included on it. This 'application' really was a rootkit, and a very poorly written one at that too. It was actually pretty trivial to crash the system with the rootkit installed, and there was no uninstall option, or any mention of it in Sony's EULA.

Barely a week after Mark posted this on his blog, it generated an outcry that the mainstream media picked up on. Subsequently, Sony released a 'removal tool' for the rootkit, along with a message that claimed the rootkit wasn't really dangerous to your system and did not create any security issues when it was installed. Besides the fact that this was complete bullshit (having something hide all files and folders starting with '$sys$' is not dangerous? hah!), their 'patch' updated most of the existing DRM software already present, and uninstalled the rootkit improperly, possibly leading to system crashes. Also, the music player on the Sony CD's was phoning home to its server, which is not in the EULA either. Sony denied this.

So a few days later, Sony released the patch and announced it to the press only. Most customers still had no idea there was a rootkit on the Sony CD's, and even if they did know, it was pretty hard to get the uninstaller at all, requiring two confirmation emails, allowing an unsafe ActiveX control and using a link to download the thing that is unique to your system only.

This complete saga has led to quite a few results, among which:

F-Secure independently identified the same rootkit
Computer Associates labeled the rootkit as spyware and detects it as such
A class action lawsuit has been filed by the consumers of California against Sony
Players of World of Warcraft discovered the rootkit could be used to cheat on WoW by prefixing '$sys$' on the cheating program, evading the (equally controversial) Warden anticheating system
Several viruses have been identified in the wild that exploit the hiding capabilities of the XCP rootkit
After the above took place, more antivirus companies decided to detect and disable the rootkit
Dan Kaminsky analyzed the severity of the XCP rootkit use and estimated the number of 'infections' in the United States to be several million cases
A list of Sony CD's with the XCP rootkit DRM technology on them was published

And finally, today Sony published a public message on their Sony BMG website about the 'XCP content protection technology', providing a direct link to the patch that uninstalls the rootkit. And leaves the ActiveX control behind. Which has some pretty devastating code in it.

While they originally still refused to call back any of the CD's with the XCP rootkit, they have now decided to turn around and recall the CD's and offering rootkit-free swaps. They also decided to stop making any new CD's with the XCP rootkit.

For your reading enjoyment, here are the excellent posts Mark has written on his blog:

Oct 31: Sony, Rootkits and Digital Rights Management Gone Too Far
Nov 04: More on Sony: Dangerous Decloaking Patch, EULAs and Phoning Home
Nov 06: Sony’s Rootkit: First 4 Internet Responds
Nov 09: Sony: You don’t reeeeaaaally want to uninstall, do you?
Nov 14: Sony: No More Rootkit - For Now
Nov 16: Victory!

Oh, and on a final note, here are the one-line commands to disable the rootkit and the ActiveX control. You can enter them in the Run dialog (Start > Run):

cmd /k sc delete $sys$aries (followed by a reboot)
cmd /k del "%windir%\downloaded program files\codesupport.*"

And remember: the SHIFT key is your best friend! (Though I won't directly say for what it can be used. Might get sued for that.)

How to protect yourself from the Internets

2005-11-08T17:03:00.000+01:00

The Internet is no longer what it used to be back when I started using it (roughly 1995). While this is good in some ways (more information that is easier to find), there's list of bad things so long it would make Al Gore wish he never invented the Internet. I frequently get emails asking me what the best way is to safely use the Internet, and most importantly, surf the web (yes, the WWW is actually a subsection of the Internet).

There are loads of entry points into a common Windows system that could allow a hacker to take control of your system, crash or reboot the system, or steal data. However, these can mostly be divided into a these groups:

Vulnerabilities in Windows or its components
Vulnerabilities in Internet-enabled programs
Default or bad configurations
User error or ignorance

I will discuss each of these to the best of my knowledge below.

Vulnerabilities in Windows or its components
Pretty often, vulnerabilities are discovered in Windows that can allow an attacker to do pretty much everything to your system, while it varies from simple things as stealing cookies to complete remote control. While tempting, this is not purely caused by bad programming on Microsoft's part: Windows is simply used by so many consumers, businesses and even governments that hackers just go for the largest common denominator. After all, the more you use a program, the faster you'll find errors in it. Microsoft has monthly patch security bulletins, in which they release any hotfixes for vulnerabilities of that month. The best way to stay on top of these is to simply on Automatic Updates, which is available natively for Windows 2000 and newer, and available seperately for Windows 98 and newer.
Solution: install security patches, turn on Automatic Updates

Vulnerabilities in Internet-enabled programs
Besides the basic flaws, there are also vulnerabilities in other programs. The most common one is probably Internet Explorer, which has several standing vulnerabilities which can cause your system to be infected with adware, spyware or worse by simply visiting a website. Due to the model Microsoft uses for its software, security may not come in first! Best is to use a different browser for your surfing habits: Mozilla FireFox and Opera are very good browsers that may not have won the browser wars, but make very good alternatives. While Internet Explorer is a major point of attack, file sharing (P2P) programs, email clients and instant messaging programs are the most commonly targeted. For servers, any web services are also frequently targeted. To counter this, always make sure you have the latest version of any programs that use the Internet or act as a server, and shutdown any that you don't use or need. Don't accept or run files from people you don't know over P2P, email or IM, and always have an antivirus program running that scans all files you download or receive. More importantly, if you use antivirus and/or antispyware, make sure they have the latest definitions so they'll be able to detect and delete any threats. Run weekly or monthly full-system scans with both to make sure your system stays clean. Run a firewall so you'll be able to block Internet access to a program that is partially vulnerable or outdated.
Solution: Don't use Internet Explorer. Update old programs, use a firewall, up-to-date antivirus and antispyware

Default or bad configurations
Early on in their rise, Microsoft decided to put user-friendlyness before security, sometimes setting up default configurations for programs like IIS that were insecure. While this does not happen that often, it is something to look out for. Like mentioned before, shutdown any services or programs that you do not need or use. Make sure you properly configure any Internet-enabled programs when you install them, and look up information on the web about securing such programs if you are not sure.
Solution: Properly customize programs, ask for help or search the web for help

User error or ignorance
After all the above, which mostly involves things you can't do anything about, there's always yourself or the people around you. I can't count the amount of emails I have received that started off with 'my son installed something on the computer last week...' and end up in a horrible spyware infestation. Make sure you and your peers know what is right and wrong online, look up information on a program before using it to see if it bundles any programs and functions properly. Don't trust everyone out there, as it is fairly simple for people to try and trick you into running a file, visiting a website or giving them private information. Phishing scams are on the rise and are very dangerous: someone will portray himself as a bank and ask for your account password, for example. Don't be fooled!
Solution: Don't trust everyone, use common sense, educate yourself and others

That's it for now. I'll add stuff later on when I think of anything I could have forgotten.

The Jack Thompson Chronicles

2005-10-18T21:40:00.000+02:00

(Apologies for heavy linkage, but this man is just everywhere!)

I'm assuming everyone who has not lived in China for the past year has a few clues who Jack Thompson is. After stepping into the spotlight by acting as attorney for a murder which involved the violent Rockstar game Manhunt (1,2), he took the world by storm. And by 'took the world', I mean 'left everyone rolling on the floor with laughter', and by 'by storm', I mean 'pointing and laughing'. I mean, this man seems to think computer games are the spawn of Satan, including The Sims! Just look at this (non)interview with the man JT. If the quote 'i’m too busy destroying best buy and rockstar' is genuine, this man scares me.

Not surprisingly, his opinions of ESA, Take Two, Rockstar Games, GTA: San Andreas, and the Hot Coffee mod are not very high. He manages to combine poorly constructed arguments with vicious personal attacks at everyone who disagrees with him, and then fails to see why no one takes him seriously or doesn't want to have to do anything with him.

The fun part actually started when Jack Thompson made a proposal for a violent game himself, challenging any game company to create it. The game itself involved a father avenging his murdered son (murdered by someone who played too many violent games) by murdering everyone from 'Take This', their laywers, 'GameWerks' for creating and publishing the game, as well as Best Buy, Circuit City, Target and Wal-Mart, because they distributed it. The final part involves making a massacre out of E3, since this is 'the Super Bowl of the video game industry', and of course all computer game creators deserve to die.
Jack Thompsons offered $10,000 for charity if any game company would create, manufacture and distribute this game in 2006.

Though originally everyone just made fun of this, and it wasn't expected that anyone would make a game out of this (not because it was too violent, but because game companies don't normally accept game proposals from individuals), it WAS. A mod has been created for, ironically, GTA: San Andreas called 'Defamation of Character: A Jack Thompson Murder Simulator'. You gotta love it.
So what did Jack Thompson do? Yep, you guessed it: he said he was only kidding. So Penny-Arcade, ever the vigilantes they are, donated the $10,000 themselves, in Jack Thompson's name. His response? He tried to get them shut down and arrested by faxing the local police station a letter claiming Penny-Arcade harrassed him! (scroll down on the above link, there's more about that)

On a side note, Jack T also didn't like VG Cats, an online comic about gaming (yes, another one, but this one features cats!). There is an entire page filled with email conversations between Jack Thompson and Scott Ramsoomair (author of the VG Cats comic), which was set up shortly after Scott made fun of Jack, and JT CC'ed Scott on some anti-game propaganda (he seems to do this a lot, CC'ing random people on his emails). It's very surreal to see a lawyer degrade to personal attacks in his emails so fast that your head spins.
Scott's comic is funny, and most of the time pure genius, though sometimes references some pretty old games, but most of all it does not promote violence at all - it's just parody.

It seems this concept is lost on Jack Thompson. Which is why he will also hate the following: The 'I hate Jack Thompson' T-shirt.
If only we could have a tv show about the daily adventures of Jacky T, it would be funnier than Chappelle's Show.

On a final note, check out Jack Thompson's homepage, stopkill.com. Yes, that is his homepage. Seriously. I'd make a comment about 1995 being here to ask for its website design style back, but someone would probably post a comment saying 1980 is here, asking for its stupid joke back.

[Nov 25, 2005] Update! After arguing his (retarded, as usual) case too aggressively, Jack Thompson has been banned from practicing law in Alabama! Though JT is from Florida, this is funny nonetheless.

"I think France should be next."

2005-10-05T18:25:00.000+02:00

Here's a funny video from UniquePeek.com where an (Australian) man asks Americans on the street 'in terms of the War on Terror, which country do you think should we invade next?'. He carries a world map and asks people to put a pin in their country of choice. Answers range from 'Korea - hey're trouble' to 'They'll make a big glass crater out of the entire Middle East, for all I care'.

http://www.uniquepeek.com/fusion_pages/index.php?page_id=213

Now, this would be fun enough for me - watching Americans struggle with non-USA geography and spend a few minutes looking for Sri Lanka in South Africa. But there's more. THEY SWITCHED ALL THE COUNTRY NAMES! So imagine my surprise when the last guy puts a pin in 'North Korea' where Australia is located, and then the camera zooms in to show that Australia is actually labelled 'NORTH KOREA'!
That makes it even funnier ^_^ no one even notices the switched labels!

Enjoy your free Opera

2005-09-20T22:18:00.000+02:00

After giving away free registration codes for their browser on account of their ten-year anniversary, Opera has now decided to switch to the best business model available to customers: free!

After offering their browser in both an ad-supported version as well as a paid ad-free version ($39), they now believe that the two other revenue streams they have (search engine traffic and ad revenues) are enough to offer Opera for free. The Register has an excellent article on this surprising change of route.

Get the newest version (8.50 as of writing) here: http://opera.com/download/

If the UI of Opera is not as much of a 6-train crash pile-up as it used to be when I switched to FireFox, I may even switch back. ^_^

The Best TV Series On The Planet

2005-09-10T16:44:00.000+02:00

Photoshop contests are awesome. :)

Just imagine... you take a tv show about women and sex... and take out Sarah Jessica Parker! It's pure genius.

--
Worth1000.com

Sean Combs needs a new name

2005-09-03T00:00:00.000+02:00

From a great post on TheSuperficial:

http://www.thesuperficial.com/archives/2005/08/30/tyson_beckford_1.html

I should take this opportunity to point out that I will no longer be calling Diddy 'Diddy'. Instead, I'll be referring to him as Señor Walrus Face III. You're not allowed to pick your own nickname, so if you're going to try I'll just go ahead and do it for you. Seriously though, if I could get the media to officially refer to him as Señor Walrus Face III, it would complete my life.

I find this a very, very noble cause. And we have the technology to make it happen. Whoever has a webpage, blog or not, link to the above subject's IMDB profile, as such:

--> Señor Walrus Face III.

Although the fictional new name once offered in Off Centre:

--> Diddles McPeepee.

...is also pretty cool. :D

Americans are prude

2005-08-31T10:46:00.000+02:00

A few weeks ago, I read a blog from a woman who worked in the adult industry for a good chunk of years. I think her current job was to make up non-offensive descriptions for sex toys, so she had the ability to think of several dozen terms for 'penis', as well as at least two dozen to describe a rimjob. I can't remember the URL or name of the blog, but in one of her posts she argued that contrary to popular belief, Americans are not prude. Coming from someone who works in the adult industry, I slightly doubt how objective that statement was. Maybe Americans are just publicly prude, and are really rampaging sex mongers in private.

Anyway, case in point:
Job #1 for America's Attorney General: porn, not terrorism

When FBI supervisors in Miami met with new interim U.S. Attorney Alex Acosta last month, they wondered what the top enforcement priority for Acosta and Attorney General Alberto Gonzales would be.

Would it be terrorism? Organized crime? Narcotics trafficking? Immigration? Or maybe public corruption?

The agents were stunned to learn that a top prosecutorial priority of Acosta and the Department of Justice was none of the above. Instead, Acosta told them, it's obscenity. Not pornography involving children, but pornographic material featuring consenting adults.

[via BoingBoing]

After you've picked yourself up from the floor, either from LMAO, shock or surprise (depending on your nationality), tell me Americans aren't prude. Well, if they aren't, the government sure is making up for anyone who isn't.

Regedit vulnerability: Hiding Registry values

2005-08-28T18:00:00.000+02:00

Last week I started getting emails that there is a vulnerability in the Windows Registry Editor (Regedit.exe and Regedt32.exe) that can cause it to hide certain Registry values with absurdly long names. Here are a few links on the subject:
http://isc.sans.org/diary.php?date=2005-08-24 (also 3 or 4 pages following it)
http://secunia.com/advisories/16560/
http://www.frsirt.com/english/advisories/2005/1519

So the Regedit utility won't show these Registry values, but they're still there. It probably took malware writers only 1.5 second to figure out this means they can hide autorun Registry values, since - unfortunately - the Windows system itself does not hide these values and faithfully runs them at startup when present.

As far as I can see from my tests, this is because the vulnerable utilities use the RegEnumValue() function with a name buffer size of only 260 bytes (the standard, ironically this is normally used as a constant named MAX_LENGTH). Since this buffer receives the name of the Registry value during enumeration of all values in a Registry key, it will fail when the value name is longer than 260 bytes.
Due to an unfortunate coding convention, the error itself is often not checked and assumed to be ERROR_NO_MORE_ITEMS - like a few of my apps do as well - and the enumeration stops there, confident that it listed all values. This also means that, in addition to not showing the value with the really long name, it will also fail to show and values following that, long name or not. Note that this means NEWER values, not ones following it in an alphabetic list.

While messing with a few Registry values with names varying from 100 characters to 100,000 characters (on WinXP+SP2), I noticed a few things:

The size limit for the value name is 16383 bytes, which means 14 bytes are reserved for this name. The page on Microsoft.com about Registry Element Size Limits seems to confirm this. It also says that the limit for Win9x/ME is 255 characters, making those Windows versions immune to this vulnerability.
RegEnumValue(), when it can't retrieve a value and/or its data when either is too large for the buffer, is supposed to return the error ERROR_MORE_DATA and say what the required size for the buffer should be. However, it seems to do this only when the buffer to receive the actual data is too small. When the buffer that receives the value name is too small, it just returns ERROR_MORE_DATA (possibly explaining the cases of programs crashing on long Registry value names caused by infinite loops).

So it seems to me the easiest way to fix this problem, is to use two buffer sizes for the value name, depending on the Windows version:

For Windows 95/98/98SE/ME: use a buffer length of 260 bytes - since the system can't handle setting values with longer names anyway.
For Windows NT4/2000/XP/2003/Vista: use a buffer length of 16400 or so bytes - since the maximum allowem by the system is 16383.

So there you have it. The problem, the cause, and the solution. Case closed. :)

GoogleTalk goes live-ish

2005-08-24T13:28:00.000+02:00

Yesterday, it seems the rumour that Google could be working on an IM client has been confimed not to be a rumour at all. Introducing GoogleTalk!

The service runs on Jabber and has its own server. Google is offering its own IM client, called GoogleTalk, as well as lots of instructions for connecting to GoogleTalk with other IM clients. Note that some of the links on the aforementioned URL are dead, as well as the 'don't see your IM client here? tell us about it' link.

Since using GoogleTalk, Jabber or GAIM is, of course, too easy for me, I decided to be lazy and use my fav IM client Miranda to connect to it. A Jabber plugin for this client is included within the default install, so I figured no problem.

A bit of tweaking, cursing and searching later I have found the following instructions work:

Username: Gmail username, without @gmail.com
Password: your Gmail password
Login server: gmail.com (this is not a login server, but just the domain of your email address)
Check 'Manually specify connection host'
Host: talk.google.com
Post: 5223 (not 5222!)

Since a picture says more than a 1000 words (and the above is a bit short of that), click below to see a pic of the setup:

Note that searching for users (with their Gmail username, no @gmail.com) always seems to return a hit, even if you search for one that does not exist.

Beauty is only skin deep, but stupidity goes down to the bone.

2005-08-03T22:42:00.000+02:00

Not wanting to sound like a teenager in heat, but still being moderately excited about finding the awesomeness that is TheSuperFicial.com, here's some celebrity news that caught my eye.

Renée Zellweger is slipping down some road she only knows. See below 'after' and 'before Hollywood mainstream' pic. Also note the IMDb pic from link above is pretty old. Poor girl.

Scarlett Johansson is cute. I know of no other way to describe this woman after reading this article. Well, other than talented, sexy, pretty, etc.

Tom Cruise is insane. And that's a medical term for his condition. Apart from believing the complete nonsense that is Scientology, marrying Katie Holmes (who's 14 years younger) and assimilating her, he's generally being a condescending asshole and will be raising his children to be exactly like him. O_o
He also may or may not be very gay.

Today's post was brought to you by TheSuperFicial.com. Because you're ugly.

Check this shit out.

2005-07-29T16:28:00.000+02:00

Time for insane scientific articles! If you ever spend a year sifting through scientific articles on PubMed looking for references, you know how completely boring that is. However, the guy linked below had such bad luck, results and assistance, that he wrote the following one-page article, and probably left the department.

Electron Band Structure In Germanium, My Ass. - Picked up from MetaFilter, Feb 2001.

That's possible the funniest scientific article I have ever read. However, the MetaFilter comments also link to this one:

Get me off your f-----g mailing list. (pdf) - Submitted to the 9th World Multi-Conference on Systemics, Cybernetics, and Informatics, July 2005.

Lovely, lovely ladies

2005-07-26T23:11:00.000+02:00

Just watched The Adventures of Baron von Münchhausen on TV. Man, if I had one wish, I'd know what to do. Absolutely. A waltz with Uma Thurman. That has to be the most beautiful movie scene I have ever seen in my life. Props to Terry Gilliam.

Or to be able to run faster than a speeding bullet. That is pretty groovy too. Props to Eric Idle.

The only two things that are infinite are the universe and human stupidity.

2005-07-24T10:39:00.000+02:00

..and I'm not so sure about the universe. (A. Einstein)

It seems there is such a thing as the 'World Stupidity Awards', and also it seems the 2005 awards have just been announced. For some reason, Canada, which was also the hosting country for the awards ceremony, has won Dumbest Government Of The Year (and they were very proud of it, too). I don't live in Canada, or even near it, so I don't know exactly why - but if the South Park episode It's Christmas in Canada is accurate, I kinda see why they won.

Among the more funny awards of this year:

George Bush won Stupidest Statement Of The Year by saying "They never stop thinking of ways of harming America, and neither do we."
Paris Hilton won Stupidest Woman Of The Year (and will probably hold this title for at least another 10 years), as well as starring in the Stupidest Show Of The Year, The Simple Life.
Alien vs. Predator won Stupidest Movie Of The Year - I rather enjoyed this movie so I'd have to disagree. But then again, my idea of a good movie is one where you can go alone, leaving your brain to do your taxwork at home.
Kim Jong-Il won Stupidity Award for Reckless Endangerment of the Planet.

Also, take a look at the nominees. I can't believe they nominated Hitchhiker's Guide To The Galaxy for Stupidest Movie Of The Year. :< The book was awesome. Still have to see the movie, though. Is it that bad?
Also, Stupidest Trend Of The Year should have been War, of course. Seeing how the winner there was something called 'Chrystal Meth' (I have no idea what that is), I guess most voters have been Americans, who must think war is the greatest thing in.. well, America.

Ladies and Gentlemen... the Optimus Keyboard!

2005-07-19T15:47:00.000+02:00

Just caught this article on Slashdot:

Every key of the Optimus keyboard is a stand-alone display showing exactly what it is controlling at this very moment. Optimus is good for any layouts—Cyrillic, Ancient Greek, Georgian, Arabian—and so on to infinity: notes, numerals, special symbols, HTML codes, mathematical functions. Patents pending.

http://www.artlebedev.com/portfolio/optimus/

Can you imagine how friggin' cool that is???

I want one. Badly.

The deal with malware today, pt 2

2005-07-07T15:54:00.000+02:00

In my previous post, I had a small write-up about the first of two major malware problems today (aggressive malware). I just finished my last test today (yay!) so I'd figure I'd write about the second one. Which is, of course, zombie networks, aka botnets.

You might ask yourself, what is a botnet? Well, it's pretty simple. Imagine one person entering the URL to a site in his browser and hitting Enter every second, reloading the page everytime. That puts some strain on the webserver that's hosting that site, but not much. Now imagine 30,000 people doing the exact same thing. A few hundred times per second. Now THAT puts strain on the server, eh? And when the amount of traffic those 30k people are generating is more than the connection speed that server has, no one else can reach it since the bandwidth is 'full'. And it'll probably crash from the traffic overload. Worse still, if the server runs some commercial website, it'll lose money when it's down. And don't be surprised when these damages rack up several thousand dollars.
So basically, that is what happens during a DDoS - Distributed Denial of Service. A botnet owner (short for 'robot network') has control over several hundred to several thousand of computers all over the world ('zombies' or 'bots') and can make them attack a server (or, in fact, ANY computer that is online) all at once. He does this by tricking the computer user into running a small program which plants the bot on the system, which then waits for orders from its owner. At its command, it starts sending out network packets to the specified target as fast as it can until it's told to stop.
Did you pay attention here? The key step is tricking the computer user into running it. See what that means? It means if you don't accept files from strangers, you can help stop these attacks. You can help prevent online companies from losing thousands of dollars. And all you need is common sense. Which is free. Unless there's a bot on the loose that spreads by security holes on your system. In that case, you eiter need to close the hole, or install a firewall. Which is sometimes free.

So how much of this DDoS practice are we seeing nowadays? Well, things started out pretty easy with this news article, detailing on a DDoS (Distributed Denial of Service) attack on Yahoo, eBay, CNN and Amazon in February 2000. You'll probably remember it. Though only Yahoo and eBay were actually off the air for sometime (the other two were just much slower), this marks pretty much the first big zombie network attack. It was also pretty big in the news, making people aware of this type of attack. In vein.

About a year leater in May 2001, Steve Gibson's GRC.com was hit with a similar attack. Being the techie that he is, he wrote a detailed page about it and put it up. Unfortunately, by drawing this much attention to him, he has become a testbed for a lot of small botnet owners who just want to 'check if their 'net has enough force to packet a big site'. Not funny. Not very surprisingly, he was attacked again on January 2002 using a slightly more sophisticated attack. These are just a few examples of attacks. Some nimrod tried attacking the Microsoft.com website once, but that server had such a massive bandwidth that he could barely make a dent in it. A few worm viruses have tried this as well, but only with neglegible results.

The frustrating thing about being hit with a DDoS attack, is that you can't stop the actual flow of data to your server that's crushing you. Imagine it's raining really, really hard. How much of a chance do you stand making all the clouds stop dropping raindrops? That's what I thought. What you can do, however, is build a roof over your head to prevent the raindrops from actually reaching you, and hope things'll blow over fast. If you read the first DDoS report on GRC.com (linked above), you'll see this is exactly what Steve Gibson did: he had his upstream provider filter out all the suspicious packets. This didn't stop the attack, but it did stop the attack from bothering him. A good friend of mine had his anti-malware site attacked sometime ago as well. He now has an ingenious system with several proxy servers setup to prevent this kind of thing from happening again. My own site has been hit with a DDoS attack as well once, and there wasn't much else I could do than copy all content to a website mirror and ride out the attack. The only thing that really helps is preventing the installation of these zombie bots in the first place.

Taking out zombie networks (botnets) is pretty hard. Short of breaking into the controller's house and forcing him at gunpoint to command all of his bots to perform the 'uninstall' command (almost all bots have this), you can't directly control the bots, since 1) most of the time access to the bots is restricted by a really long password, and 2) this password only validates if you're on the right IP subnet. In other words, only if the master controller himself logs onto his ISP account and issues the correct password to the bots, does he actually get to tell them anything. Otherwise they'll just ignore him. Bots are funny like that. Anyway, since most of the time the central place the owner meets his bots is an IRC server (all the bots connect to this server and wait in some channel for commands), you CAN get this server shut down and all the bots will be harmless.. albeit still alive. Unless the controller somehow gets the bots to connect to a new, different IRC server. Rinse, repeat.

So... how do you know if you've got one of them zombie programs on your computer? Well, frankly, they're a bit hard to spot. There's a few technical test you can do, but I've found that these often lead to mistakes and panic, followed by a lot of screaming and shotgunning your monitor.. etc. Better ways to detect this stuff is just your eyes. If the 'send' or 'upload' light on your (cable/DSL) modem is constantly on, even if you're doing squat, something on your system could be sending lots of data somewhere where you don't want it to go. You can also check this with bandwidth monitors like DUMeter, Bandwidth Monitor and NetGrid, which monitor your Internet traffic and display it in a fancy graph.

Secondly, how do you prevent getting a zombie? Well, in some cases you need a sjamaan to cast some spells and nail a plucked dead chicken to your door, but in the case we're interested in, all you need is a brain. I think most of you already got one, too. Just use common sense. If you get an email that claims to be from 'Microsoft TechNet', urging you to install the attached security fix, don't. Microsoft doesn't send out fixes over email. To anyone. If you're on a website that claims it can see your entire harddisk and offers a patch to prevent this, don't. You can see your own harddisk too, by typing 'C:\' in the address bar. What that website does is the same thing. If some buddy sends you a file over MSN claiming 'zOMG this gam is AWSOME!!1one LoLZ', at LEAST scan it using whichever antivirus program you have. Better yet, let 14 anvirus programs scan it by uploading it to virusscan.jotti.org. For free! For all other cases, use common sense. It's stupid not to run an antivirus scanner. It's stupid not to run a firewall if you still have Windows 98 or Windows ME (or even older). It's stupid not to install security fixes from Microsoft. Now go outside and be not stupid.

The deal with malware today

2005-06-26T15:29:00.000+02:00

Recently there has been a lot of buzz on public news sites about zombie networks used for launching DDoS attacks, and aggressive, evasive malware. The way I see it, these two problems are currently the biggest ones on the Internet. And by this, I mean the two problems which are the hardest to solve.

When I first got into the antispyware business, things were pretty easy: if your IE security settings were too low, some ActiveX applet would dump a Registry script on your system and set it to run at startup, causing your startpage and search pages to be hijacked whenever you booted up the system. Nice and straightforward, and easy to solve - once you knew where to look. Spyware and malware were very young then, and it had only recently been exposed to the mainstream news by Steve Gibson's OptOut. For the first time it became clear that it was possible to sneak something (non-viral) on your system piggybacking on an 'ad-supported' program, that was left behind when the host program was removed. Still, things were pretty quiet on the bad guys' side. Techniques that were used were fairly simple, files were easy to detect and remove.

But then things started getting nasty. Malware started using exploits in the Internet Explorer browser to sneak stuff into your system. CoolWebSearch was one of the first to do this, but since then have shifted the blame on their 'affiliates' in what seems to be the general trend now: companies that encourage their affiliates to get users to install their software in whatever way they can, looking the other way while these affiliates use various exploits, that were posted on the full-disclosure list. Since the exploits posted to this list frequently included proof-of-concept code that was easily modified for malicious purposes, most of the exploits used by browser hijackers and drive-by malware installers have simply been plucked from this mailing list. Among the exploits used were the Java.ByteVerify hole in the MS Java VM, an Outlook Express Cross-site Scripting vulnerability, and some unsafe ActiveX objects that crossed the Internet Zone, lowering security and allowing write access to the system.

Still, though keeping the system up to date from Microsoft (keep in mind all these exploits applied only to MSIE on Windows) didn't always protect you from being infected, all these hijackers and pieces of advertising malware were relatively easy to remove. Kill the running processes, kill the autostarts, kill the files, kill the Registry keys and values. Using common sense, a little experience and those steps (in that order), any malware could be removed, even without any additional tools like process managers, antispyware or antivirus programs.

Even when the next step was taken by the bad guys, it took little effort to defeat this. When malware started to emerge that scanned the system's memory for antispyware and antivirus programs and closed these (forcefully), all we had to do was rename the process manager file and kill the malware processes before continuing with the normal cleaning procedure described above. When malware started to use multiple processes that kept each other alive, the 'Delete this file on reboot' option all Windows versions had (though hidden) worked with only very few exceptions. And there was always Safe Mode in those few cases - which loads only a very bare Windows shell.

But then disaster struck. A variant of a browser hijacker emerged that hooked a few Windows system functions and hid itself from Windows itself. This behaviour is commonly known from programs known as rootkits. This type of applications is basically the next generation of Remote Access Tools that emerged around 1999-2000, hiding itself on the infected system, giving the remote attacked complete access to the system as if he were sitting behind it. Rootkits took this one step further, by hooking system functions of Windows and filtering out any information that pointed to itselves before letting Windows read it (and pass it on to the user). This essentially made them invisible down to a very low level.
When malware started to use this, at first they just included a common rootkit like HackerDefender, setup to hide the malware processes, files and Registry keys. Later on the malware itself incorporated rootkit-like features.

We're standing at this point right now - malware using rootkit techniques to hide themselves, and reinstall themselves when something is removed. Though they also started bundling each other with themselves, effectively installing more malware onto the infected system again and again, the main problem is still the rootkit behaviour.
One of the main reasons why this is so hard to detect by antispyware and antivirus tools, is that the scanners aren't on a low enough level to bypass the layer of smoke the malware pulls up. Also, these pieces malware often use random filenames and some polymorphic code so two files are never the same, and signature scanners can't find the files, essentially leaving it up to a competent technician to manually find and kill everything. And that, is exactly what a computer program doesn't have: common sense.

Next up: botnets of spam zombies.

Sin City - the way comics should be made info movies

2005-06-23T11:33:00.000+02:00

A few days ago, I went to see Sin City with a few friends (after the usual fast-food run before that). I really gotta say, that movie rocks! It has to be one of the best comic-to-movie adaptations so far, if you're going for a great story with good acting. For great action shots, of course, you have to see Spider-Man and Spider-Man 2.
But anyway, Sin City really is an awesome movie. What's not to love about the 'Marv' character who's basically a human tank with a really bad attitude and a dark sense of humour? I mean, really, he gets shot in the chest like 5 times throughout the movie and run down by a speeding car a few times, and he just GETS UP. ('Don't worry, it's just a few scratches.') Nice job Mickey Rourke! I like that bit about this movie - characters don't just play dead after being shot once.

The one thing I really was afraid of wasn't there - Hale Berry. When I first saw the movie poster (you know the one) and the trailer, I feared Hale Berry was starring some main part in it. And I really hate that woman. Not because she's black, but because she's a shitty actress with less sex-appeal than a doormat. After scrolling through the cast list on IMDb, it appeared she wasn't even on the list. Great, I thought, she has this teeny-weeny role in the movie with 6 words, and she's on the frigging movie poster?? Phew. She wasn't. Rosario Dawson really was a much better choice. I just love the look of sadism in a woman's eyes. ;)

Another small thing that disappointed me was that even though Quentin Tarantino is the special guest director, he didn't manage to squeeze his 'muse' into the movie: Uma Thurman. God, what I'd have given to see that woman dance like Jessica Alba did in that movie. Hmmmm... (on a side note, the swords Miho uses are the exact same as the ones in Kill Bill :)

All in all, Sin City reminded me of the first Matrix movie a bit. The camerawork is similar, with those impossible angles, close-ups and positions you'll only see in a comic book. Really cool. Definitely worth its money.

FireFox AdBlock training

2005-06-11T15:39:00.000+02:00

Just a quick tip for those starting off with a fresh AdBlock install on FireFox: when you have a few hours of slacking available, go to GeekIssues.org and browse a few links. Filter any ads you run into, with partial URLs like .doubleclick.net, .burstnet.com, rad.msn.com, */ads/*, */ads?, .ads? etc, and you'll have AdBlock properly trained within a few days. Plus some entertainment.

That is, if you prefer not to use the gruesome, horrible RegExp expressions from their forum.

Btw: heed the warning in red at the top of the GeekIssues page.

And in the blue corner, Symantec

2005-06-08T22:10:00.000+02:00

Just got this over email:

http://www.theinquirer.net/?article=23801

Symantec wants a court to allow its software to identify some programs made by Hotbar as adware.

Hotbar, which is made by a Microsoft partner, Hotbar.com, is a kids add-on that personalises email and browsers. It gives a range of smiley faces for users to play with and gives access to search, skins and yellow pages.

However, HotBar also tracks web site visits and also has an autoupdate feature. Some users find it tricky to remove.

That just brightens up my day. All those spyware companies sueing people willy-nilly screaming 'we're not spyware! our software shows 26 popups a minute and tracks pretty much everything from your surfing habits to your email to your dog, but it's not personally identifiable!!!1' were really starting to piss me off, because you just know they're full of it. They just update their crap to not report your email address back to their servers (which ofcourse, it did in the first place, along with a hundred other pieces of info you don't want to see out on the 'net) and then claim it's not spyware since the info is 'not personally identifiable'. I even got a few emails myself like that, even though my software doesn't even target specific malware (nobody reads help texts anymore today). Seeing an antivirus company hit a spyware company with a lawsuit for the right of calling it 'spyware' just has me going 'YEAH! PRE-EMPTIVE STRIKE IN YOUR FACE!'. Symantec isn't exactly the coolest company to me, but this sure boosted their rankings in the awesome-o-meter.

XML is the coolest thing on this planet

2005-06-08T20:54:00.000+02:00

I had a class today about my currently favorite subject: XML. It's actually a 7-week spanning subject, but it just keeps getting more fun all the time. Seriously, hear me out though.
So they start off in the first week with the basic stuff: tags, attributes, XHTML. I think ok, that's pretty easy and pretty much well-known by everyone in class. But anyway, no use rocking the boat by telling the teacher to speed it up. More time off means more time to party. But over the course (sp?) of the past few weeks we've been going steps up on the ladder every time - and it just amazes me how much can actually be done with XML. Really, you have no idea. The first revelation we got was the CSS style sheets you could use to make it appear like a normal HTML website. That was pretty cool. But next, we got into XPath which allows you to dynamically reshape the content on your HTML website. Like, when you have a list of people in XML with their names, birth dates, death dates, shoe sizes etc, you can make a table with this info, sorted on any of those properties. Sounds like fun, huh? Yeah I thought so. Anyway, with this XPath you can select a certain node (element) of the XML file, making the exercises incredibly funny with questions such as 'what XPath query selects the birth country of the second Greek author that lived for over a 100 years?'. Seriously, some of these questions had me in stitches.

Then we had the introduction of XSLT stylesheets, which you can use essentially to completely mess up the content of the XML source file and present it as something completely different in HTML, that even validates at the W3C! Amazing.
Now this last week, they've slowly eased into making for-each loops in XSLT stylesheets, using variables, conditional stuff, and this is starting more and more to look like an actual programming language. Mind you, I started this class expecting to do some light HTML coding and ended up learning a whole new programming language. This stuff just blows me away.
Now today, we had some important guy in a business suit give us a lecture about the business equivalent of XML, named XBRL. You can't make this stuff up. According to him, XML is the only way businesses can properly communicate without wasting weeks or even months of time manually reading reports created with Word, only to input them in their own database and create Excel sheets from that. So instead of your tax report taking three months to process and verify, if XBRL would be used, this would take three hours. Well, hook me up and call me Scotty, where can I get some of that?

The W3C really put some effort into this XML standard... and it's only at 1.0! I'm really amazed over and over again by what you can actually accomplish with it. I almost expect them to fully convince me to stop using ASP, PHP, MySQL, C++ and VB next week, only to replace it with one alternative, the one language, the only language, the language that can do everything, the one language to rule them all.... XML!

Penny-Arcade is funny on occasion

2005-06-08T09:53:00.000+02:00

Usually, the online comic Penny-Arcade has episodes covering games I barely even heard of, or satires so sharp I can barely even grasp the tinest bit of wisdom needed to begin to understand them.

Occasionally however, they come up with gems like gems like this. And it just makes my day.

Games, games, games

2005-06-06T21:50:00.000+02:00

By the way, before I forget this: if anyone ever comes here (which I doubt), these games you must play. Absolutely. And they're not your run-of-the-mill FPS shooters or something either. Old games are back with a vengeance!

Doukutsu (Cave Story) - http://agtp.romhack.net/doukutsu.html
Japanese game, platform (don't forget the English language patch). Very sophisticated story, but not confusing. Much.

Bejeweled (1 or 2) - http://www.popcap.com/
The greatest Tetris variant of all time. v2 is even more fun.

Gish - http://www.chroniclogic.com/?gish.htm
A friend described this game to me and started like this: 'it's a platform game, but get this:.... you're a ball of tar.'

Mario Forever - http://www.buzg.prv.pl/
A one-man conversion of Super Mario World from the SuperNes... for the PC! Written from scratch, with all new levels and 8 worlds with increasing difficulty.

We apologize for the inconvenience

2005-06-06T21:43:00.000+02:00

Um, hang on. I'm not entirely sure how this thing works yet. Bumps and doubleposts ahead. It also appears that I have written the previous post in 3 minutes.

Blah This should be a link blah.
Could we get some bold eagles around here?
Or maybe some Italic pizza, pizza is nice.
Dude, don't go swimming, the underline is madness.

Oh well, this blogging thing is relaxing at least. But enough for today. I'm going to get my drinking buddy and get hammered, it's 10 PM here after all.

(B)

Fixing ancient computer systems is fun

2005-06-06T20:58:00.000+02:00

Right, so what better way to bore you all then to share a computer horror tale of this last weekend? You see, I had to help my dad and a few other people move all their stuff for work to a new place, and the computers were coming along. That sounds pretty standard, doesn't it? Yeah, I thought so.
Anyway, whichever work my dad has been doing, he has been doing this for a long, long time. It's none of your business what exactly he does, but it's usually followed by a stay at the university of roughly seven years where he spends memorizing lating names for all the bones in your body, as well as a few other things. In latin. So back to computers - he has a few he has been using for AGES. I'm really not kidding, there was this dinosaur I used to play Zaxxon on back in 1987 that was still working as a router/gateway for our whole network until about 12 months ago until the motherboard died. The computer that kept me busy for the entirety of the last weekend was the second-oldest system.

Back when Pentiums were barely even heard of (and I mean the Pentium ONE (1)), my dad got one. 120 million mind-crushing cycles per second it did, and it's still working mostly as of today. So we had all the stuff moved from one place to another and I was called in to help move stuff around, unpack and set up computers. The friday before it seemed this ol' Pentium 1 had been the last computer that was setup (all the ones were purring along nicely), and it didn't 'see the network' (sic). This I heard when I was barely coming into the new place, and friendly me offered help to take a look. Behold my amazement when I walked into the room with said computer, which was crowded with SIX IT TECHNICIANS, all trying to get the damn thing to work. Most of what I saw on the screen was the Win98 dialog 'Windows is building a driver database, please wait...' and network cards were strung around the room, eager to prove themselves and get the behemoth on the network. Mind you, at about this time I heard things had to be up and running by MONDAY MORNING. Yikes.

With six people crowding around the system, I wasn't going to add to the crowding. Since, you know, there was enough of it going on already. So fast forward about 16 hours, to next day morning. Ish. I like to sleep in. Brought meself a bootdisk or two, since after the 'techs' were done 'fixing' the computer, the damn thing wouldn't boot at all. All the while I had been slugging around countless heavy boxes, throwing around looks that screamed 'why aren't you doing something??? look at me, I'm all different sorts of busy and you're eating donuts??'. Apparently only girls can do that in a way that is actually understood.
So I boot the damn system without the bootfloppy first, just to be sure. Lo' and behold, I am greeted with the feared 'Invalid system disk, replace and press any key to continue'. Yes, I checked. There was no floppy in any of the drives. Enter the bootdisk and reboot. Grind grind grind. DIR C:. Returns: nothing. Yes, the drive was empty. In less than 24 hours, either the techs had been so stupid as to erase the entire hard disk, or something seriously screwy was on with this computer.

So I stick my head out the door and yell 'dad! got a Win98 setup CD laying around somewhere?'. He has. Great, in half an hour I'll be up and running. So when he brings me the CD, he informs me that even though the system has no functioning network card, there's two gigabytes of data on the system that needs to be on the network by monday morning. Crap. The one good thing is that this 2 GB is not on the C: drive, so whatever I can throw at it won't affect this precious data.

So I slam in the Win98 CD and start copying the thing to the hard drive. (You know, of course, that I do this because a) Windows installs faster from HD than from CD, and 2) I don't need the CD all the time like this.) I run the Setup utility with a few switches to turn off the commercial bla-bla and start it. Just as I start to leave to get some caffeinated beverage, Setup throws an error in my face, that of all things, says 'An existing version of Windows has been detected that Setup cannot upgrade. Setup will close now'. OK. Seriously, what the hell? This drive was blank five minutes ago.

I reboot the system and do a DIR listing again. Whoa! That wasn't here before! Suddenly I see a whole system on the C: drive that looks ready to go. So this means, either I'm going crazy, or the FAT table on the drive is being a bitch. (The FAT table is like a table of contents for the drive. Without it, you don't know what's on the drive, but it's still there.) OK, cool. All the stuff is still there. So I think, all I need to do is load up Windows, figure out a way to connect it to the other computers and copy over the 2 GB of important stuff, right? Right. Right after I run ScanDisk a few times, since I trust the FAT table about as far as I can throw a fat table.

Right away, MS Scandisk panics and tells me the FAT table is icky. Yes, Sherlock Holmes, that I knew. Now fix it. This overly obvious disk error is then followed by roughly 4 hours of grinding, fixing, waiting, and shouting on my part of the general fucked-upness of the hard drive. Bad folders, bad files, lost chains, lost clusters, you name it. Come to think of it, most of it was probably my fault since I copied about 125 MB of data to the disk from the Win98 Setup CD, overwriting the existing data which was still present than but just not visible, due to the state of the FAT table. Curse that thing. So I spent about 4 hours of alternating between MS Scandisk and Norton Disk Doctor trying to fix the drive and clear it of errors. This was then followed by even more fixing, since a few system ini files were majorly borken and overwritten on random places with characters like þ and ý. So FINALLY... I boot up Windows 98. Fancy logo, lots of chugging, which is then followed by... a sort of green picket fence of Doom. It looks sorta like the video card took a dump onto itself and went insane. The system crashes. And turns itself off out of pure self-pity, and goes to quietly sob in the corner. When I turn it back on it seems I'm back to square one, because it seems the FAT table took shore leave again and I'm left with a blank disk again! By now I'm majorly pissed off, and my dad comes look what the hell is going on after hearing a mind-splitting roar of frustration from the room I'm in. We call it a day and go home.

Next day, next day, next day! Prepared for another round of nimble-footed boxing with ye olde com-poo-tor, I pulled out a few more tricks and took my serial null-modem cable, parallel cable and a few floppy disks full of utilities that claim to be able to transfer stuff over said cables in DOS. I'm determined to make this work. I'm such a masochist. Note that BOTH the cables I bring have been soldered together by my awesome dad, some 20 years ago. How I remember playing Quake 1 over the null-modem cable with my friend, ah... Those were the days. So now this is the day of data judgement: either I tranfer those 2 frigging jiggabytes of whatever-the-hell-it-may-be (work stuff son, you don't need to know), or I toss the damn system off the 15th floor. Yes, the building actually has that many floors.

First item on today's list is continue where I stopped the day before this - run ScanDisk until the drive is healthy again. No big deal I figure, the FAT table disappeared earlier, right? All I have to do is restore it and the system will be just the way I meant it to be. And indeed, right off the bat Scandisk detects and restores the FAT table. I think. However, the next thing it does is go into a flurry of dialogs saying, as I see it, the best error message Microsoft ever cooked up. It tells me, and I quote, that 'some clusters were found that used to be folders. These folders were restored, but since the contents of the hard disk changed, the scan has to restart'. Even better is, that in the language this Windows box is in, this message somehow expresses surprise. It sounds more like 'wtf? I found some clusters that, apparently, used to be folders!'. It then goes on to try and piss you off by saying 'since the contents of the drive have changed, the scan will have to start all over again! hah!'. Best error message ever. It had me in stitches.
So then this same error shows up about 40 more times, and I'm starting to get suspicious. Why are so many lost folders found when the FAT has been restored? Hm. When the scan finishes and the drive is all shiny and happy again, I drop back to DOS and do a DIR listing. Whoa! Holy crap! This is something I've never seen before: the *whole drive* now consists of files named 'file0001.chk', 'file0002.chk', etc, as well as folders named 'dir00001', 'dir00002', up to 'dir00047'. O_o;
Soooo... it seems the FAT table was not restored the way I wanted it to be. After some digging it turns out 'dir00035' used to be the Windows folder in a previous life, and 'dir00014' used to be the Adobe Acrobat folder. After doing a feeble attempt to rename all these folders back to whatever they used to be ('move c:\dir00035 c:\windows'), it occurs to me that I don't *need* Windows to boot on this thing. After all, the parallel cable and the file transfer utilities all work in DOS anyway. Cool.

So after a few minutes of messing with ancient system files you probably don't even remember (does the name HIMEM.SYS ring a bell?), I hook up the parallel cable to the borken system and another (working, networked) Win98 PC and start trying out the parallel-cable-file-transfer utilities. After a few tries, I actually find one that works! (>^_^)>
Such a miracle of technology, it transfers files across the cable at about 70 kilobytes per second. Don't laugh, that was fast as hell back in the days when I wasn't even born yet. So I steal my dad's PDA to calculate how long this is going to take. It spits out the numner 'About 7 or 8 hours'. Cool. Being a sunday evening, this means it'll be done at about 5 o'clock this night. Sweet! Mission: success. This is not mission: difficult man, that should be a walk in the park for you.

So once again, this proves that ancient computer technology can still whip your ass. Do not underestimate the power of a printer cable with plugs on both sides!
Next time I get the chance, I'm totally coaching my dad into upgrading all systems to something like Windows 2000. Aw yeah.

tap tap Is this thing on?

2005-06-06T20:55:00.000+02:00

OK. So... on to the daily compaining that I'm supposed to do here, judging from most of the Blogs I've seen so far. I've been told I have a humorous way of writing stuff, but we'll see about that.

Also, Tjitske is hot stuff.