Robert W. Rose

My debit card uses Verified by Visa, a service where online purchases through member banks ask you for a password to complete the purchase. One problem with this service is they have some lame password restrictions (a-z, A-Z, 0-9, no special characters) so I can’t use my “common” set of passwords with the system, and I don’t use the system often enough, therefore I’m always “forgetting” my password.

So I just did a transaction with a domain registrar in France, failed the password check, reset my password, and then completed the transaction. Two minutes later I got a phone call from Visa wanting to verify that it was in fact me who performed the transaction. It all could have been avoided if they had just posted their password requirements when you go to login. I wish all websites would post password requirements on their login screens.

I don’t think posting password requirements would be that big of a security risk, since if you’re trying to break into the system you probably figured the requirements out through other means (like another account you created on your own, or bozos like me that post the password requirements elsewhere–see above). Almost every single time I have to click the “forgot your password?” link on a login screen I didn’t actually forget it–I just couldn’t figure out which password I had used because I didn’t know their password requirements. It usually goes like this:

“Oh yeah, this is the site that only allows letters and numbers, and you have to have at least two of each. I want these last two minutes of my life back thank you.”

Sometimes they add insult to injury by forcing me to change my password when I click on the “forgot your password” link. When I pick a “new” password I end up discovering my old password when they say, “your new password can not be your old password.”

Grrrr!!!

I’ve found several places around the net where claims are made that Lua is reentrant, but I just found a case (on my platform at least) where Lua is not. I discovered a bug in our system where Lua was being preempted right in the middle of a number to string conversion and the end result was invalid. (Of course, this only occurred about 1 in 200 runs of the code, which made it challenging to figure out what was going on).

The number to string conversion is performed with sprintf(), and sprintf() is not required to be a reentrant function. I’m sure it is on major platforms (Windows/Linux) but unfortunately it is not on ours.

The problem occurred when this sequence of events took place:

* Thread 1: Call Lua, Lua calls sprintf()
* Thread 1 is stopped within sprintf()
* Thread 2 is started
* Thread 2: Call sprintf()
* Thread 2 is stopped after sprintf() completes, Thread 1 resumes

Lua script like this would frequently exhibit the problem:

for i=1,10,1 do
local string = foo .. i
end

The concatenation operation would result in foo + bar instead of foo + i, where “bar” is a fragment of the sprintf() operation left over from Thread 2.

A possible fix for this would be to have Lua use an ftoa() implementation instead of sprintf(). However I fixed it in our case by simply not performing sprintf() in the second thread (this issue was isolated to one portion of our execution fortunately).

If your code is “proven” to be reentrant, but you rely on another library that is not proven, can you still claim your code is reentrant?

I’m going to “officially” endorse a product that I use, and love to use: The Kinesis Freestyle USB Keyboard is hands-down the best keyboard I’ve ever used. I’ve had the keyboard for about 6 months now and I’m 95% satisfied with it.

There are two things I like most about the keyboard:

1) Ultra-low force keys. The keys on the Freestyle are really easy to depress, but they still have a lot of spring to them and the perfect throw distance.

2) Low profile. There aren’t that many adjustable ergonomic keyboards available that are low profile. I have a hard time typing without resting my forearms on my desk, and a low profile keyboard allows me to do that without bending my wrists back too much.

There’s only one thing I don’t like about the keyboard: The position of the Windows key. (I hate the Windows key. I don’t know why, I just do. I wish it wasn’t on any keyboard.) I wish the key was more off to the side, because I find myself hitting the edge of the Windows key when I’m trying to hit the Alt or Ctrl keys. If I could reprogram the keyboard to make the Windows key a second Ctrl key I’d be 100% satisfied with it.

A note to Kinesis: I almost didn’t buy your keyboard because of this stupid ad you put on YouTube. In it you make fun of the Key Ovation GoldTouch Keyboard. The GoldTouch is my third favorite keyboard*, and I thought it was highly unprofessional of you to trash your competitor in that fashion. What did they do to deserve that? Did the GoldTouch team noogie you at the ergonomic products convention last year or something?

* What’s my second favorite keyboard? The keyboard on the Aluminum 12″ PowerBook G4!

I upgraded to Firefox 3.0 RC1 last weekend. That lasted about 36 hours… I didn’t really care for the new UI enhancements, and there’s no way to disable many of them.

* Who’s idea was it to fundamentally alter the location bar’s behavior? Instead of working like an address bar “auto-complete” it searches all of the meta-data related to the URL: address, page title, keywords, etc. This is totally worthless to me, a bit distracting, and a major shift in the way I’m used to working. Here’s someone else with the same complaint: Awesome bar still a piece of junk!

* What happened to the “forward history” pull-down menu? I never realized I used that feature until it went missing in Firefox 3.

* What’s with the RSS feed and glowing star icon in the location bar? Who cares? Get rid of it!

* I don’t like the design of the new downloads window. Yes, it’s more compact but no where near as aesthetically pleasing.

* I don’t like the highlight delay when mousing over tabs. I want instantaneous feedback, and the 0.5s delay in there when mousing over a tab is distracting when your eye isn’t immediately over it. Again, it’s one of these things I never realized I did with Firefox, but I’ll frequently switch tabs using the mouse without even looking directly at the tab, and that slight delay impedes my ability to do that.

In the end, the location bar alteration was the deal breaker, I don’t have the patience to adjust to it at the moment. It seems like the kind of thing that needs to pop-up when you hit ctrl-space, or at the very least you need to be able to disable it and get the old behavior back.

I was impressed by one feature of Firefox 3 however: You can upgrade to 3.0, uninstall completely, reinstall 2.0 and retain your bookmarks and settings! Woo-hoo! That’s quality software.

Clinton and McCain have proposed temporary gas tax relief for this summer. Obama is talking about a windfall tax on oil profits, which seems appropriate given Exxon’s record profits this year. Somehow through all of this the candidates are saying these plans will 1) give some financial relief to driving Americans 2) reduce our dependence on foreign oil and 3) reduce our oil consumption.

How, exactly?

I fail to see how reducing the gas tax would accomplish any of these three goals. The market is clearly able to withstand $3.75/gal+ gas prices, as is demonstrated by only a 1.1% decline in gasoline consumption this last year. Until consumption drops another 1-2% I doubt demand will have any influence on price. A federal tax cut of $0.18/gal would likely go into the pockets of gasoline distributors, not consumers. Even if the savings were passed on to consumers, the benefits to the individual would be negligible, and would only further increase demand. Failure on goals 1 & 3. No progress on 2.

I completely fail to see how a windfall tax on oil profits would help anyone. The pocket-lining standards have been set at the oil companies this year, and they probably won’t want to give that up, so they’ll just end up passing the new expenses onto the consumer and their exploration budgets. They’ll cut exploration which will dry up supply even more, bringing oil prices up yet again and, if we can stand $4.50/gal gas (which I believe we could) then they’ll be right back to their Spring-2008 profit levels again.

I can think of a simple way we could accomplish all three goals: nationalize the oil companies. We have nationalized electricity generating facilities, why not oil?

Short of nationalizing oil companies, I can’t see a quick solution for goal #1: providing financial relief for American drivers. The bar has been set with $3.75/gal gas. If we didn’t want to pay that much for gas we shouldn’t have bought it. Now that we have, it’s too late, the hook has been set.

A long-term play for fixing #1 would be to substantially increase the value of the US Dollar relative to the OPEC member countries’ currencies. However this isn’t something the government has much control over anyways, and would only increase oil demand and consumption in the long run.

The simple solution for #3 is to throw #1 out of the window. If you want people to use less gas, make gas more expensive. When I think about what price gas would need to be before I would seriously consider not driving as much, it’s probably in the $5-6/gal range. If gas were $6/gal today I would likely ride my bike everywhere, even in bad weather. But it’s not, I live 7 miles from work, and the temp has been around 40 degrees in the morning lately.

I was thinking this evening about reducing our dependence on foreign oil while simultaneously reducing our oil consumption, and I started to wonder: what about an oil import tax? A google search for oil import tax returns surprisingly few results, the only relevant hit being an article about a 1987 Harvard study proposing a $5/barrel tax. Most other articles are from the 80’s. So are we doing this currently, or was this an idea that was long since abandoned?

Hydrogen fuel cells generated from nuclear reactor power. Send nuclear waste up space elevator and rocket at sun. Problem solved. 🙂

Preface: This entry was hard for me to write. I’m not an Apple die-hard, but I do recommend Macs all the time to family and friends. In the past, Apple hardware has been reason alone to buy a Mac. I don’t believe that’s the case anymore. Something happened to Apple, they lost their edge…

I got a new MacBook Pro about a month ago, and although I think I’d be even less happy with an equivalent PC laptop had I gotten one, there are a number of things about this laptop that either irritate me, frustrate me or disappoint me. Although it’s bigger/faster in the ram/cpu department compared to my previous Mac laptop, a PowerBook G4 12″, in many ways it feels like a huge downgrade.

* Irritation: The keyboard sucks. The keyboard on this thing is so bad I’m tempted to go “youtube” on it and make a video demonstrating how bad it is. There are places on some of the keys where you can press them down but it won’t register a key press. I think the root cause is they replaced the mechanical lever/spring action of the previous keyboards with a cheap flexible rubber. The arrow keys still use the mechanical lever/spring configuration–they’re the only decent keys on the whole keyboard. Because of the poor keyboard I find myself “punching” the keys and gritting my teeth unconsciously.. and then my wrists start to get sore.

* Frustration: The headphone output is simply unusable. There’s no other way to put it folks; the headphone output is not usable, and I’m not the only one with this complaint. There’s a ton of high-pitched noise that is impossible to ignore at lower volumes, it drives me crazy. Forget doing any audio work on the MacBook Pro. I was looking forward to getting intel versions of my favorite production tools, I guess that won’t happen now.

* Disappointment: The display doesn’t tilt back far enough. I used to use my PowerBook G4 on the kitchen counter standing up–I’d tilt the screen way back so I could see it easily. I can’t do that with this laptop, I have to either sit down or bend over.

There’s more:

* The light detector they use to control the keyboard brightness doesn’t work in pitch-black. If I try to use the back lit keyboard with the light out it doesn’t work. It picks up it’s own light and turns off. Then it thinks its dark again and turns on. It oscillates on/off endlessly until I just disable it. I put a video of the illumination problems online here.

* This is likely a software issue, but it has problems going to sleep. Let me rephrase that–it won’t sleep unless I tell it too by closing the lid.

* When I first got it the wireless didn’t work after I upgraded to 10.5.2.

What the hell happened Apple? I’m so disappointed. Did Steve lose his fanaticism?

Did I mention that I sent the laptop back for repair once already? The first keyboard I received was even worse than the one that’s on it currently. The replacement is *slightly* better, but still no where near as good as the one on the PowerBook G4. Going back to type on the PowerBook G4 is like night and day. I did an informal survey at work asking people to decide which keyboard they liked better, and 8 out of 8 people prefered the PowerBook G4 keyboard to the MBP keyboard.

Link

I’ve heard from many people that the ideal game is the one that has everything. It’s a game where players are constrained by nothing. These people believe in a sandbox where their very imagination is the only boundary. They believe in game with no limits…

I’ve been spending some time trying to get DirectX applications running within Mac OS 10.5 using VMWare Fusion, CrossOver and Darwine.

Darwine — Darwine uses OpenGL for it’s DX emulation, and there’s apparently an issue with the OpenGL drivers in 10.5’s X11 that’s preventing wine from using OpenGL. The latest builds of Darwine you’ll find around the net don’t even include OpenGL support, and if you try to compile it yourself you’ll run into problems. Apparently Apple is aware of the issue and is working on a fix, but there’s no ETA.

CrossOver — I did some DirectX tests with CrossOver and it looks like it does not include support for DirectX 9. It will initialize a HAL interface without error and return pixel shader model 1.4 support, but inspecting the video card properties returns an error, and trying to actually grab the video surface returns an error. I haven’t tried DirectX 8 yet. (Which I don’t really care about anyways)…

VMWare Fusion — In Fusion I was only able to create a DirectX 9 surface if it was fullscreen; windowed surfaces would return an error. For shader support it returns 0.0 and 0.0 for ps/vs, so the second you try and use a shader it returns an error again.

We still have a ways to go before DirectX 9 is really usable on OS X in my opinion…

I just got a new MacBook Pro laptop this week and the wireless networking stopped working no less than a day after I got it. The culprit? The 10.5.2 update.

Apparently this is a well known issue but Apple doesn’t make any mention of it in their knowledge base.

I figured since the laptop is brand new I would call Apple tech support to see what they had to say. They walking me through the typical stuff: reboot, remake your network settings, reset the hardware, upgrade my wifi router firmware, etc. Nothing seemed to help. Their final suggestion was to downgrade to 10.5.0. Unacceptable!

After a lot of experimentation, I figured out that the culprit in my case was the beacon interval on my WRT54G v6 wifi router. I had set it a long time ago to 1000ms, and the moment I changed it to 100ms (the default) it started working again. Change it back to 1000ms and its broken again. So strange.

If I were to boil the content of articles on boingboing.net down to just three things I would say they are:

1) Privacy rights advocacy (online and offline)
2) Intellectual property rights reform advocacy (fair use and remixing)
3) Cory Doctorow ego inflation (and self gratification)

It’s not that often you see all three of these combine.

Link: Remixable German documentary about me [Cory Doctorow] and Internet freedom