Windows Vista shaping up to be a user _and_ security nightmare!

Microsoft Vista’s Endless Security Warnings

The feature is called User Account Protection (UAP) and, as you might expect, it prevents even administrative users from performing potentially dangerous tasks without first providing security credentials, thus ensuring that the user understands what they’re doing before making a critical mistake. It sounds like a good system. But this is Microsoft, we’re talking about here. They completely botched UAP.


Calmly seeking powerpoint diagram extraction tool

Does anyone know of a tool which can extract the diagrams from a Powerpoint presentation and turn them into something sensible and open, preferably SVG (but EPS or even PDF would do I guess)? Ideally a tool which can do this for all of the diagrams in a presentation in a single pass, but even a solution that requires manual intervention for each diagram would be better than nothing… Thanks!

“Always on” password autocompletion in Firefox

A handy feature in most web browsers is the ability to remember usernames and passwords for sites you visit often, so you don’t have to keep typing them in – the browser just fills it in for you. Some sites don’t like you doing this, however. If the input tag of the password field contains the attribute autocomplete="off", that’s an instruction to the browser not to allow this handy feature for that field, so you have to type in the password by hand every time.

This is arguably quite a good idea, and reduces the chance that a user in an internet cafe will thoughtlessly click “remember” and partially open up their bank account to the next customer. There are some interesting thoughts on the topic here, but that’s not what this post is about.

What this post is about: the intranet at work is one of these security-minded sites that disables autocomplete, which is really really annoying (they also have a brain-dead policy on password expiration, but that’s another story). At certain times of year I have to use this site a lot – it forgets you’re logged in between sessions, and I find myself repeatedly typing the password.

Well, no more. Have I moved to Opera, which ignores autocomplete="off" altogether? No, of course not – I’ve found a Firefox extension which does the job for me.

Introducing ketjap, which can apparently do a number of quite funky things but which in particular can rewrite tag attributes arbitrarily using a set of prevalue/postvalue rules. So I defined a rule which acts on input tags, on their autocomplete attribute, turning a prevalue of off into a postvalue of on. Et voilà, it works. The next time I visited our intranet and entered my username/password, Firefox offered to remember the password for me, and I gratefully agreed to its welcome proposal.

Actually, I was a little confused at first, because I looked at the page source, expecting ketjap to have changed that, but that’s not what happens – it seems it alters Firefox’s interpretation of the source on the fly, leaving the source untouched. Neato in extremis.

Now I invite members of the public to point out the page in Firefox’s preferences where I could have just ticked a box to make this happen. ;-)

The Waterfall model has always been evil

This is very interesting… Common wisdom has it that the waterfall model is the “old way” of doing things, a respected technique from times past, but that these days we’re (struggling to) move towards more agile, iterative methods of software development. According to this, however (and the Wikipedia article agrees), the paper that first described the waterfall model actually described it as a bad practice, and went on to advocate an iterative approach, attempting to formalise practice which had been around since the 1950s. Alas, subsequent papers largely missed the point that a purely sequential waterfall was a bad idea, and it got enshrined as “software best practice” of the 1970s. We’re still trying to recover.

Bugs in embedded systems can be naaaasty

In 2003, the pacemaker of a woman in Japan was accidentally reprogrammed by her rice cooker.

Computers are getting smaller and smaller; embedded systems are getting more and more powerful. That means two things. First, what you can do on a computer of given size n is increasing over time: maybe five years ago it was just a microprocessor with 4KB of RAM running custom-built assembly code, whereas maybe in five years it’ll have a gig of RAM and be running OpenBSD or (shudder) Windows. It’ll have more features, more complexity, more failure modes, less security, and in essence, we won’t understand it any more. Second, the smallest systems producible are getting smaller all the time: today you can put that custom-built system with 4KB of RAM into a smaller space than you could five years ago, and in five years’ time it’ll be smaller yet. That means computers are appearing in more and more places, and more invisible.

The interesting part is when you put these trends together, so you end up with millions of systems flowing through your bloodstream, all running Windows 2020 (or whatever). Yay.

What is success?

What is success?

Understanding Ruby blocks, Procs and methods

Understanding Ruby blocks, Procs and methods.

Scripts in ruby a la python’s __name__ == '__main__' idiom

A common idiom in python is to check the special variable __name__ to see if the current module is being run as a script or not. For example:

class Foo:
    pass

def bar():
    pass  # e.g. unit tests go here

if __name__ == '__main__':
    bar()  # only runs when the file is executed as a script

Here, if the module is run as a script (ie passed directly to the python interpreter), then __name__ has the value “__main__”, this is detected, and (in this case) the bar() function is called. On the other hand, if the module is just imported from some module, __name__ has a different value (the name of the module file, I think?), and bar() doesn’t get called.

This is nice for a number of reasons – for example, you might put unit tests into bar().

How to do this in Ruby? It’s not in FAQ, which surprised me. I was about to ask on ruby-talk but then remembered the biggest FAQ of them all, and turned to Google. Aha (and eek, what a horrible mailing list interface). Anyway, it’s:

if __FILE__ == $0

OK, so why does this work?

$0 contains the name of the script being executed – ie, the name of the file that was passed to the interpreter. Whatever code you’re executing, this value never changes over a particular run of ruby. On the other hand, __FILE__ is always the name of the current source file. If the two match, then the current source file is the one that was passed to the interpreter.

I guess that’s pretty clear. Cool.

Gimbo tries Evolution and is put off by silent failure

I use mutt for email, but I’ve been toying with the idea of moving to Evolution. I can work very quickly in mutt, but I’ve been wondering about going graphical for a while, and I’ve heard good things about Evolution recently so I thought I’d give it a try.

Well, it’s OK, but I’m not completely convinced. There are a number of little things, but here’s what really bugs me…

I have a local spool mailbox with 74 messages marked for deletion, and, well, they’re just sitting there, marked but undeleted. How do I get rid of them? The “File->Empty Trash” menu item works in other mailboxes (eg an IMAP one), but these guys are refusing to go. This would be merely mildly annoying were it not for the thing that really worries me: it fails silently. I click “Empty Trash”, and nothing happens – no error dialog, no status message, nothing written to stdout.

Another one: I select “Help->Contents” to get some help and… nothing happens. No help, no error dialog, nothing to stderr, just another silent failure. This is probably, I guess, because I’m not actually running gnome. But if it’s not going to work, it shouldn’t be on offer. We can do better than this, people.

Silent failure is always a really bad sign because it makes debugging (and thus fixing) so much harder. The fundamental reason why I use Unix rather than Windows is that it puts me in control, and when things go wrong, I can usually track down the errors and fix them. You have to be choosy about the software you use, because a hell of a lot is crap and doesn’t actually help you, but there’s enough which does it properly to make the effort worthwhile.

Unfortunately it’s starting to look like Evolution isn’t one of them, which really surprises me given the people I’ve heard positive testimony from. :(

So, I might persevere, or I might give a try, or I might just stick with mutt because it does rather rock. Any other suggestions?

Oh yeah: another reason I like the look of Evolution is for its calendaring. I have yet to find a decent calendaring app, which just astounds me. Sunbird looked half decent for a while but then switched from nice open iCalendar format to some stupid binary format, and (here’s the clincher) no longer even runs on my system. It doesn’t start, and it does so silently.

Why is so much software so bad?

Update, a few minutes later: aha, it’s “Folder->Expunge” to clear the deleted messages. I wasn’t seeing failure, I was just asking it to do the wrong thing. Still, this does raise the question: why does “File->Empty Trash” work in the other mailbox? And the help still fails silently. Pah. ;-)

Why the Sony Ericsson w800i sucks


I used to own a Sony Ericsson k700i and it was a great little phone except that it really sucked in that it only had capacity for 100 text messages. Never mind it had 64Mb or so for photos and music – 100 short messages is all you’re getting, buckaroo!

Well, I upgraded recently to the super shiny w800i – this is the Walkman branded thing, and it’s a very very nice phone. Great interface, great camera, records sound, blah, blah, blah. Oh yeah, and it’s got a little stick in the side which gives it a memory of 512Mb. Half a gigabyte. Double the memory of the laptop I’m typing on right now, in fact.

The bastard thing has just cheerfully told me “Text memory over 95% full – delete some messages now?” No you fucker! I don’t want to delete some messages now!!! Your memory is empty you stupid piece of shit!

Apologies for the swearing but god damn it I’m angry. I mean, I knew the salesman with the Toni and Guy haircut had no fucking clue what he was talking about when he said it didn’t have this text/sms memory limit problem, but all the same, I really thought they’d have sorted this stupid stupid bug out by now. There is absolutely no excuse for this kind of shoddy programming in a product this advanced.


/me goes and kills someone

Students: if you ever do this, you are compelled to commit seppuku

Lesson one in security: deny by default, allow with care. It is entirely brain dead for your login logic to be “if the logged_in cookie is false, they’re not logged in, otherwise they are”, rather than “if the logged_in cookie is true, they’re logged in, otherwise they’re not”.
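The two login checks described above, side by side on constructed cookie inputs, as an added example that is not code from the post or from any real site. It goes one step beyond the post: because a plain logged_in flag is client-controlled, it also shows deny-by-default applied to an HMAC-signed cookie. The cookie names, SECRET, sign() and verified_user() are assumptions made for illustration.

```python
import hashlib
import hmac

SECRET = b"constructed-demo-key"  # assumption: server-side secret, sample value

def fail_open(cookies):
    """The broken logic from the post: only an explicit 'false' is rejected."""
    return cookies.get("logged_in") != "false"

def fail_closed(cookies):
    """Deny by default: only an explicit 'true' is accepted."""
    return cookies.get("logged_in") == "true"

def sign(user):
    """Hypothetical helper: issue 'user.hexmac' as the session cookie value."""
    mac = hmac.new(SECRET, user.encode(), hashlib.sha256).hexdigest()
    return f"{user}.{mac}"

def verified_user(cookies):
    """Deny by default on a signed cookie: every failure path returns None."""
    value = cookies.get("session")
    if not isinstance(value, str) or "." not in value:
        return None
    user, _, mac = value.rpartition(".")
    expected = hmac.new(SECRET, user.encode(), hashlib.sha256).hexdigest()
    if not user or not hmac.compare_digest(mac.encode(), expected.encode()):
        return None
    return user

# Constructed sample requests (cookie dicts), not taken from any real site.
SAMPLES = {
    "no cookie": {},
    "explicit false": {"logged_in": "false"},
    "explicit true": {"logged_in": "true"},
    "unexpected value": {"logged_in": "FALSE"},
}

def compare():
    """Map each sample to (fail_open result, fail_closed result)."""
    return {name: (fail_open(c), fail_closed(c)) for name, c in SAMPLES.items()}

if __name__ == "__main__":
    for name, (o, c) in compare().items():
        print(f"{name:18} fail-open={o!s:5} deny-by-default={c}")
    print(verified_user({"session": sign("alice")}))
    print(verified_user({"session": "alice.deadbeef"}))
```

The fail-open check treats a missing or unexpected cookie as logged in; the deny-by-default versions reject everything except the one value they were written to accept.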