Must Have Software

Well, my motherboard died over the weekend, so I had to rebuild and reinstall everything.  Must have software is the software you install first, right?  Here is the list, in order.

  1. Windows Server 2003
  2. Motherboard Drivers
  3. Firefox
  4. Windows Update –
    1. Win2K3 SP1
    2. About 49 other patches
  5. Microsoft Office
  6. Microsoft Lookout
  7. Microsoft Visual Studio 2005 Professional
  8. Microsoft Money
  9. Google Picasa
  10. Google Toolbar (got a big ad when browising Google’s homepage)
  11. Macromedia Flash
  12. Van Dyke SecureCRT
  13. Motorola Phone
  14. Techsmith SnagIt
  15. NSIS
  16. Windows Live Writer
  17. Macromedia Fireworks

Lots of Microsoft in that list!

Winning the War

Robert Gates today said that he thinks we aren’t winning the war in Iraq.

Gates is wrong.  I don’t know what definition of “win” he is using, but we completely won.  We dismantled their government, ousted their leader, put him on trial, and eliminated a huge segment of their military.  The country has been conquered and we now occupy it.  If we didn’t win, what else would it take before Gate’s thinks we are winning?

Let’s bring everyone home.  Let’s not do it over a month, or even over a week.  Call up the Marines now, and tell them to pack up and come home.  They won, they did great work.  They should be proud, and we’re very grateful.

Understanding Google’s Indexing

Matt Cutts posted a fantastic description of what happened to a hapless Webmaster when his site was hacked and delisted from Google. 

I thought it was pretty interesting to know how much detailed analysis went into the problem, and I was impressed by Matt’s professionalism.  Like Matt, I hope that we (as software professionals and as an industry) are able to get better over time at letting people know what is going wrong.  But I think it’s pretty amazing how much self-diagnosis some of our modern services are already doing.

Excel Programming and IgnoreRemoteRequests

I’ve been dabbling with complex spreadsheet work, and I needed to actually write some code to run in Excel.  It turns out that Excel, while it is programmable, is fragile and easy to break.

The first problem I ran into was that as my program was running, I could start another Excel application which would interfere with the Excel instance I was using.  I was surprised by this, but reasonably happy that the solution was to simply set the Application.IgnoreRemoteRequests in my instance of Excel, and no longer broken by other Excel instances.

However, a few days later, I discovered Excel was completely broken on my machine.  It refused to open a spreadsheet from an email attachment, or from the desktop!  This was quite scary, and initially I didn’t know the cause at all.  Turns out there are lots of posts on the net about this – and it is relatively easy to fix – go to the Tools|Options|General tab in excel, and make sure that the item “Ignore Other Applications” is UNchecked.

Wait a minute – doesn’t “Ignore Other Applications” and “IgnoreRemoteRequests” sound pretty similar?  Why yes it does.  It turns out that when an Excel extension temporarily sets this setting, Excel persists it when it closes!  Whoa!  That is very fragile.  This means that if a plugin ever sets this setting and forgets to unset it, the user is left in the lurch forever! 

For the non-programmers out there, you might think that this is the fault of the Plugin, and that isn’t completely unreasonable.  But more accurately, this is the fault of Excel’s API being simply too fragile.  Very few APIs in the programming world work this way – where what seems to be a transient setting is actually saved permanently.  Further, if anything goes wrong with the plugin, there is no way to make a “failsafe” for this from the Plugin side.   Excel saves this setting behind the programmer’s back, and the programmer has no way to know when this setting is saved.  If you can’t know when it is saved, you obviously can’t know exactly when to ‘undo’ it either.  We can “hack” it, but we can’t fix it.

So, if you run into this problem, where Excel refuses to load files from email or the desktop, you’ll likely find lots of sites which tell you this same fix (Tools|Options|General|”Ignore Other Applications” = unchecked).  And it will work.  Those sites may further say something like, “this is usually due to a faulty plugin”.  All right, sort of.  But Excel is a far too easily broken interface.  If you are a programmer, you probably would do best to not write addins for Excel.  Your code will probably never be robust.

The Cost of a Commute

Here is a look at what my per-day cost of commuting is.  Since I now take the Google shuttle, I am  interested in how much I save by not driving.

The simple computation rests on the price of gas, which, thankfully, has fallen a bit.  But a more accurate computation would take into account the actual wear and tear on the auto as well.

For me, I drive a car which cost about $25,000, and I expect to use it for about 150,000 miles, and then sell it for about $2,000.  That means on a per mile basis, it costs about $0.15.  Fuel, at $2.45 per gallon and 45mpg, costs a little over $0.05 per mile.  I’m intentionally not accounting for insurance or maintenance, because I do need a car, and even without a commute, I would incur these expenses.  This calculation is merely the cost of driving each day to work.

Well, with a per-mile cost of $0.207, and a round trip of 85 miles, the shuttle saves me $17.66 per trip. 

Norton AntiVirus is the Worst Program Ever

I made the mistake of installing Norton AntiVirus as part of Google Pack.  I guess I thought I would be nice to my new employer and try out the Pack. 

I’ve tried Norton a few times in the past – each time I uninstall it due to being a total system hog.  Once again, I’ve had the same experience.

My laptop is a few years old; its only got 256MB of RAM, but it runs fine.  But today, the first time booting since installing Norton, it took me 15 minutes to regain control of the system (this is not an exaggeration!!  I couldn’t get control of the mouse, the task manager, nothing for 15 minutes!).  Norton just completely monopolizes the disk and CPU.

It’s no wonder viruses spread so easily.  Norton has turned into the same bloatware you’d expect from Adobe or Microsoft, so of course users disable it.  It sucks.  Yes, Norton, we want you to scan for viruses.  But no, this is not permission to completely rape and pillage our hardware and prevent us from getting our work done.

Well, the uninstall of Norton is just about done now, so I’m done with this blog entry.  I hope the numbskull PM at Norton that thought that “well, if users can’t see that it is scanning we won’t get brand recognition” dies a cruel and horrible death.  I’ll be working hard within my company to make sure we get Norton out of the Google Pack.  It just isn’t Googley.

Avoiding Automated Account Creation

For several years, many sites have been using “CAPTCHA“s to ensure there is a real person signing up for an account.  We’ve all seen them – these are the questions where the user is asked to type in the letters of a distorted image before proceeding to the next step.

I just went to create a new GMail account, and I pleasantly discovered a new system, hopefully even more tricky for spammers to work around.  The GMail system requires that it be able to send an SMS message to your cellphone before it will let you create an account.  They will only allow 10 accounts per phone number to sign up.  So, even if the spammer manages to get 100 phones, he’s still not getting a very large number of GMail accounts. 

Of course, if you don’t have a SMS-capable cell-phone, I guess you are out-of-luck!  Maybe others have seem this already and I’m slow to notice.  But I thought this was pretty cool.

Democrats vs Republicans – Lousy Choices

The Republicans got trounced yesterday with their “stay the course” policy.  Hooray!  Maybe now we’ll get out of Iraq and bring the troops home.  Everyone except our President knows that the battle is over and the rest of the “job in Iraq” can only be done by Iraqis themselves. 

But, why is it that in order to end the war we have to choose to elect the Democrats?  We’ve successfully kept them out of control in the House since 1995, and for good reason.  Now, don’t get me wrong, if I have to choose between the war in Iraq and electing Democrats, I’ll take the Democrats.  But this is a really awful choice.  Why can’t we keep the Republicans in the House and get out of Iraq?

If you don’t know what I’m talking about, you should read Nancy Pelosi’s e-book.  She clearly states what she is all about:  taxes and social programs.

Here are her 6 tenets  for 2006:

1) Defense.  She wants to double the size of the military with a variety of expensive campaigns.  Well, anything is cheaper than war, I guess.
2) Raise the minimum wage.  (In other words, cause unemployment)
3) College.  Make college tuition tax deductible permanently, cut student loan interest rates, increase Grants, NSF, etc.  (In other words, increase taxes)
4) Energy.  More incentives for energy-efficiency.  (In other words, increase taxes)
5) Affordable Health Care.  Lower prices for seniors.  (Remember the baby boomers?  In other words, increase taxes)
6) Protect Social Security.  Gov’t retirement matching.  Remember the Baby Boomers?  In other words, massively increase taxes.

The stage is definitely set for the democrats.  Bush’s war is going to be the rally cry for Hillary Clinton in 2008.  Taxes… taxes…

I hate to say it, but it’s worth it as long as we get out of Iraq.

I wonder if George Bush realizes that his biggest legacy may not be the war in Iraq, but rather the depression he creates by forcing Americans to elect Democrats to get Bush to stop fighting this stupid war.

Hotmail Trains Users to be Phishing Victims

Since I know a few people at Microsoft on the Hotmail team, I’m hoping one of them will read this article and fix the problem. 

In short, Microsoft and Hotmail are helping internet users get phished due to Hotmail’s poor security practices.

There is a very nice summary of phishing techniques written up here.  One of the major problems they emphasize is how many existing and reputable sites condition users to ignore security.  Security is a tough enough problem to begin with, and the UI in our browsers is clearly deficient.  But on top of that, we’ve got companies like Microsoft not even practicing what they preach, and conditioning users to ignore security warnings.

My example today comes from Hotmail.  I’ve been seeing this problem for several months now, and I’m getting sick of it.  When you go to the hotmail site and try to login, you’ll be presented with the security box (click it to enlarge), indicating to the user that the certificate is invalid.  Unless you are a 100%-pure geek like me, you probably don’t know why it is invalid, or even what it really means.  You know, that in this case, you’ll probably get to read your email if you click OK.  So you ignore the problem.  WARNING – you could have just been phished.  And, when you go to the next site that presents that warning, what will you do?

This problem is very fixable.  Hotmail is in the process of changing the product name from hotmail to live mail, and they are redirecting in a way which exposes this problem.  This is really just laziness – it is a simple problem to fix with matching your domain name and your certificates.

When Microsoft won’t even configure their websites correctly, how can we expect the smaller and more ignorant companies to do so?  You might as well take all the dialog boxes in Internet Explorer and replace them with this (credit to University of Aukland for the image):