Free and Open Technologies

Jaunty Jackalope Not Without Troubles

Sun, 10 May 2009 12:14:07 +0000

I have to say that the newest version (9.04, aka "Jaunty Jackalope") of the Ubuntu family is a good upgrade, but not a great one. If I were deciding whether to install it fresh or to upgrade an existing Intrepid Ibex (version 8.10) installation, I would choose probably use 8.10 for a new install, but upgrade a pre-existing installation.

I have my road dog, a Dell M140 laptop with 512MB of RAM. Because I travel with it, it is a little banged up. It is slowly fading. I also have a second machine, BigBoy, a newer Dell with 4GB of RAM, that I'm prepping for my nephew.

RoadDog: The upgrade took the whole night, between slow download speeds, interrupted connections, and modal dialog boxes that appeared after I had already gone to bed. I cannot say that all of the download slowness was at the Ubuntu end, because the hotel where I'm staying has a problem with slow and dropped connections anyway. When I finished, everything looked good.

Days later, I went to launch Kopete for an instant messaging session. What? No Kopete? No AmaroK? What else is missing? Once I reinstalled AmaroK, my podcasts were missing, along with my settings. Putting those back into place was not the easiest thing (still not completed), since the newest version's interface does not expose many of the things that I had changed.

One thing I always have to do is change where Amarok stores podcasts. I also use other media players, so I want everything stored in the same places. Podcasts go in ~/Podcasts. This version of AmaroK wants to put every podcast in ~/.kde/share/apps/amarok/podcasts. My solution was to replace the ~/.kde/share/apps/amarok/podcasts folder with a symbolic link to ~/Podcasts.

Next problem. I could not hear any podcasts. I had installed the xubuntu-desktop package after some difficulties with the GNOME desktop environment. I wound up spending a couple of days of searching on the Web for solutions involving installing and tinkering with alsamixer, alsamixergui, asound, and so on. I changed so much that I am not sure what finally worked, but I now have sound again, but the hardware volume controls no longer work.

Other things which no longer function correctly include Ark and "archive manager". In both cases, the problem relates to finding a place to extract zipfiles and tarballs. Fortunately, Xarchive and Xarchiver both function correctly (and so does PeaZip). The moribund Galeon browser doesn't print (again--this happened in 8.04, was fixed in 8.10, and broken again in 9.04).

BigBoy: This is a fresh installation of Xubuntu 9.04 "Jaunty Jackalope" 64-bit. The major issue I've run into is the sound problem and AmaroK, except the sound isn't fixed yet. My feeling is that this release was a little rushed. It is mostly very good, with a few nagging glitches--audio being the most important--that could have been fixed before release with a slightly longer release cycle. Perhaps the six months cycle needs to become a nine-to-twelve months cycle.

In general, the 64-bit versions of any OS are a little buggier, because there are some applications that get added which are still 32-bit. I did not notice this, because the biggest issue was the audio problem. (And the AmaroK issue, which is actually a problem with the KDE developers losing touch with end users.)

It isn't that 9.04 is bad, like the first release of Vista was, but that it is not as good as the Ubuntu standard leads us to expect.

Blogged with the Flock Browser

Tags: Ubuntu, Xubuntu, Kubuntu

Browsers

Sun, 22 Mar 2009 17:22:49 +0000

I tend to use a variety of Web browsers. It varies from Lynx and similar text-based browsers, to

Firefox, Opera, Konqueror, NetSurf, Midori, Epiphany, K-meleon, Dillo, and occasionally the moribund Galeon or Internet Explorer. And this is as it should be.

I wish that everyone that put up Web sites would use a variety of browsers to check those sites, and that the "it works in browser X, that's all that matters" mentality would finally go away. The truth is, if your site is meant to make money (either directly, through online sales or through subscriptions; or indirectly, through advertising), you want pretty close to 100% of the people who bother to come to your site to be able to do whatever it is that brings you money. In practice, this means:

Flash and other such technologies should normally not be used for the main content of your site. While Adobe's plugin has an amazing market penetration, different systems will have different versions of Flash (and sometimes, upgrading is not an option) or even non-Adobe plugins. Worst of all, most of the plugin detection scripts fail miserably if the site visitor's browser or browser settings (or operating system) are outside of a narrow range, even where the content would run acceptably without the script's interference.

The National Oceanic and Atmospheric Administration (NOAA) has some Java applet-based weather pages that are really neat and helpful, unless you try to view from a non-Java-enabled browser. There are some organizations that view applets as security risks and disable them. There are non-moving images that do not require Java. In this case, NOAA should decide whether it might be worthwhile to create less-functional non-Java-based moving graphics along with the enhanced-functionality Java-based moving graphics.
JavaScript needs to be used for additional functionality, not basic functionality. For example, JavaScript data-cleaning / data-verification is known to fail. Since the site has to clean and verify the data again on the server anyway, the page should still work correctly if scripting is disabled. In the case of forms, this means that the submit button should still work even if scripting is disabled.

Banks' sites should be among the most secure anywhere. So be careful about things like JavaScript on a bank site. That would be something to be concerned about. Why? Because of all the fake bank sites that spring up to steal one's information. I would expect those sites to use JavaScript to plant key-logging software. It seems to me that a reliable bank would not use JavaScript (or would limit its use) for just that reason.

Browser (and operating system) specific markup, plugins, etc. Thankfully, there is a lot less of this these days than there used to be. You'll probably see this more often inside a corporate intranet, where someone will set up SharePoint. Personally, I've seen only seen one organization's SharePoint implementation, but it was truly useless for most employees. Better to go with Alfresco, which offers more functionality and is not browser-specific (or specific to Word/Excel/PowerPoint, for example, Alfresco has an option that is optimized for OpenOffice.org as well as MS Office and which uses OOo behind the scenes to give enhanced functionality). One other place where it seems common... the MSN/Live.com sites (and some ASP.NET sites, such as CareerBuilder and Monster), which work wierdly or even not at all with Opera and other non-Microsoft browsers. Since Opera is a heck of a lot faster than MSIE and uses a lot less memory than Firefox, I use it a lot. Let's make it clear, use standards-based markup and scripting and eschew browser-specific cruft. That is how one makes it easier for people to use one's site.

I do want to mention that Internet Explorer 8 has been released. It is supposed to be more standards-compliant. I have not had the opportunity to try it yet, but I've heard that it still has problems with transparency in PNG-format graphics, and that it still flips to tag-soup mode when <?xml ...> is at the top of the page (which has been part of the W3C standards for about nine years now). I mean, seriously, why don't you guys get out of the browser business and stick to buggy, hard-to-use office suite software?

Don't Forget JPEG

Fri, 6 Mar 2009 06:03:43 -0100

I've been doing some work with content management systems on our test server. I kept running into problems with an image gallery attachment that gave errors every time I attempted to upload a JPEG image.

--with-gd=<insert path here> --with-jpeg=<insert path here>

I finally found the problem and am recompiling PHP (which means I'll have to spend some more time with PECL and PEAR, too).

Ad-Supported Microsoft Office Ahead?

Fri, 6 Mar 2009 05:47:41 -0100

Microsoft Office: An Advertising Platform - PC World

the purpose behind releasing a free version of Microsoft Office with ads displayed alongside the workspace was to draw "pirate customers into the revenue stream." "We want to draw them into the Windows family," Elop said, according to Silicon Valley Insider. "And maybe there's an up sell opportunity later."

What is the big thing behind it? Well, as they said, there are some people who are using Microsoft software who did not pay for it. But there is another motive that I see. Microsoft's moribund online division is a colossal flop. If millions or even billions of computers are suddenly tied into their advertising network, this would give them a chance to compete with both Google and Yahoo!, who are eating Microsoft up.

Actually, with all the hoops that their Genuine (Dis-) Advantage program puts users through, it surprises me that they think they are missing out on money. The truth is, many software thieves will not pay to use software. Period. On the other hand, if thieves are finding ways to break through the restrictions, they will also find ways to shut off the advertising. Also, if the ad-supported version is not feature-full enough, they will return to cracking the fully-functional professional version.

What I really wonder about this is just how much revenue they think they are going to recover this way. Considering that there are presently-paid users who will substitute the ad-supported version if the ads are not too intrusive... in other words, are they going to get enough ad revenue to replace the lost buyers? Are they shortchanging revenue in the Office unit to bolster the failing online unit? Do they see the future decline of Office being so swift and sharp that they are moving to get out in front of the trend? These are the kinds of things that one has to wonder when one sees this.

Will this blunt the impact of OpenOffice.org, Zoho, Google Docs, ThinkFree, WordPerfect, and other competing offerings? While Microsoft claims it has not seen much effect from these competitors, they are taking users at the margins who might otherwise be using Microsoft Office. Could this be a ploy to justify the continued existence of the failed online division?

Stop Irritating Scrollwheel Desktop-Switch Behavior

Mon, 2 Mar 2009 00:58:26 -0100

[ubuntu] [SOLVED] Disable workspace switching with mouse wheel? - Ubuntu Forums

For the beginner, here are the steps to disable the ability for the scroll wheel to change workspace in Compiz.

If you don't already have compizconfig-settings-manager installed,
$ sudo apt-get install compizconfig-settings-manager

Then
System ->
Preferences ->
Advanced Desktop Effects Settings

Select the Desktop category.
Click on the Viewport Switcher icon
Click on the Edit icon next to Button5 (Move Next entry),
and change the value to "None".
Click on the Edit icon next to Button4 (Move Prev entry),
and change the value to "None".

Scroll wheel will no longer do a "Move Next" or "Move Prev".

Have you been using Ubuntu or Linux Mint GNOME edition with Compiz enabled recently? If you are used to using the mouse wheel to scroll up and down within applications, you are probably pulling your hair out over the way that it changes workspaces (what a normal person calls "desktops") when you are trying to scroll within an application.

I use the scroll wheel a lot within my mail clients (Thunderbird and Claws Mail, primarily. I have one older notebook computer that has Sylpheed installed instead of the other two), It is useful in scrolling through the message list and in going through the list of accounts. I find it disturbing when I am trying to find out what account just received an e-mail message and wind up on a different workspace/desktop.

It turns out that this trick solved that problem for me. I am documenting it here so I can find it again. But if it helps you also, that's even better!

IceRocket: computer tips

computer tips

CMS Fundamentals

Tue, 17 Feb 2009 05:34:09 -0100

I'm doing some work on our practice server, preparing to build the new church's site. As I've been doing this, I thought about some of the differences between now and ten years ago.

Ten years ago,almost everything I put up was hand-edited. It had to be. Neither FrontPage Express nor Netscape Composer maintained my color schemes. Each had its own view of what HTML should look like and would demolish my carefully-crafted (for easier editing next week) markup with its own warped (and often browser-specific) markup. It was quite common for the client to contact me with a list of events scheduled in the next two or three days, requesting me to get them posted on their site. Today, on the other hand, the goal is for most of the content editing to be done by someone in the client organization.
Ten years ago, Notepad and Wordpad were my tools of the trade. Toward the end, I discovered a Windows text editor called ConTEXT, which offered syntax highlighting for HTML and several other languages. I had also messed with something called Editeur, which made itself the default program for every filetype it knew, every time I opened the program, no matter how often I told it not to do so. I also used something called Super Notetab, which had the ability to save little snippets of code to be pasted into future files. I have now moved on to Gvim/vim, Kwrite, Kate, Jedit, joe, and nano. I still prefer text editors over heavier development environments, although I am starting to use Netbeans and Eclipse for PHP.
Ten years ago, the site was hands-off for the client. I did all the work, made all the changes and updates. Today, the small organizations I'm dealing with need to have an administration panel protected by a username/password, so that they can easily create articles/documents, upload photos, and perform other content management tasks without funneling extra tasks to me.
Site functionality back then was pretty basic. Most sites were brochures. Sites were generally hand-made, or "bespoke". Today's sites are generally database-driven applications or even multiple applications tied together with "bridges". For most purposes, we use a pre-built CMS ("content management system") and adapt it to fit the needs of the client. Financially, most of my clients could not afford to pay me $50 per hour or more to create that functionality from scratch.

First fundamental of content management systems: look for something that is widely-used and widely supported. By supported, I mean that the CMS has a large number of add-ons that help it do whatever you might need. Be sure the project behind it is active. And, in almost all cases, choose a project that uses an open source license for most of its code, even if you pay for a closed-source improved version.

Second fundamental of content management systems: you are using the product, not marrying it. If the CMS isn't meeting your needs, you can modify it so that it does, or you can find another project. If a product is giving you a headache, switch.

Third fundamental of content management systems: documentation, documentation, documentation. If you cannot find accurate, reasonably complete, and up-to-date documentation, you'll have to read through the code in order to figure out the simplest things. How do you change from European-style dates to US-style dates on your pages? The docs should tell you.

Fourth, make or buy templates. The default templates look like every other site.

Fifth, have a non-technical person log in and try to create content. Write an article and publish it. Upload a photo. Add a calendar item. Add a comment to an existing item. If your user has trouble, you'll be called upon for support more often than you expect.

Finally, get involved somehow with the project. Donate money, donate code, donate the use of a server. Publicize the product.

Discussing Win7 Vs. Vista Security

Thu, 5 Feb 2009 00:28:05 -0100

Criticism mounting over Windows 7 security | Beyond Binary - CNET News

Microsoft is facing increasing heat over the security implications of a change designed to make Windows 7 less annoying than its predecessor.

One of the chief complaints with Windows Vista is frustration with all the warnings that pop up to notify users that changes are being made to the operating system. With Windows 7, Microsoft has changed the feature so that users see fewer messages by default and also so they have more control in deciding how often they are notified.

The problem, say some, is that by making the prompts less frequent by default, Microsoft is potentially paving the way for malicious software to makes changes without the user's consent.

When you read this, you see that this mostly a lot of talk about nothing. There is one single valid issue: a piece of malware could conceivably shut UAC all the way off without your knowledge or approval, assuming you have UAC set on medium.

What these so-called security experts do not seem to get is that computer users do not read the prompts to decide whether to "cancel or allow". Instead, they quickly quick allow, so they can get on with whatever they were doing. The modal pop-up "security warning" dialog is now a useless relic of a failed security model. Ask anyone who works in support about how many people ignored warnings and wound up installing Antivirus 2009 and its predecessor Antivirus 2008. Last Summer, I got plenty of exercise trying to keep up with this predator, so I know that very few computer users read the pop-ups or care what they are trying to warn them about.

Computer users are not focused on security. They are focused on viewing the attachment that supposedly came from Auntie Mabel. If that attachment requires a special viewer or codec to be installed, they will try and install it, despite all your warnings, company policies, and pop-up dialog boxes. If Win7 is going to succeed in the marketplace, it cannot repeat the Vista "security nanny" mistake. The maker of Windows, like the makers of every Web browser on the planet, is going to have to find something other than modal dialog boxes as a way to determine whether something should be allowed to happen.

I think part of the solution is recognizing that computers are not toasters. Computer users need to be trained, just like automobile drivers need to be trained. In either case, misuse or misunderstanding of the device can seriously harm other people, along with the person at the helm. Part of that training may be learning how to inform Auntie Mabel that certain kinds of attached files will not be opened, no matter who sends them. Part of it may be learning how to help Auntie Mabel keep her machine clean, so that recipients are not risking their computers' health whenever she sends something out.

I believe that reducing and almost eliminating the security pop-ups is the correct direction for Microsoft and everyone else to be heading. The pop-ups seemed useful eight or nine years ago, when ZoneAlarm first became popular, but within a few days, users realized that they could not tell what was really dangerous and what was not. The abundance of dialogs caused legitimate concerns to be buried in the deluge of minor and inconsequential items. If you are planning on sticking with Windows (a mistake in my eyes, but one that many people will make anyway), do not let people scare you into leaving the pop-ups enabled. The security benefit is minimal, while the disruption to your work can be severe. (Let me clarify that ZoneAlarm does not show the parade of pop-ups any more.)

What we know for certain is that Vista's pop-ups were a dismal failure at enabling computer users to understand the security implications of what they do on a computer. If Win7 gets rid of most of those pop-ups, that will be much better for those computer users who are stuck using Windows.

IceRocket: Win7, UAC

Win7, UAC

Job Search Sites Broken Into Again

Tue, 27 Jan 2009 20:16:55 -0100

Hacked - Monster.com and usajobs.gov � WA4ZKO?s Ham Radio & IT Weblog

looks like user data and passwords were siphoned off from Monster.com and usajobs.gov recently

I encourage you to go and read this entry. He has some good advice.

The same company's computers were penetrated a few years ago. I recall having to change passwords and seeing some notices on their sites. It is not likely that the same flaw was exploited both times. However, the impact of these attacks could be dramatically reduced if the company collected and stored less user data.

Many job sites will have, in addition to an online resume builder that captures your full work history and contact information, a tool that allows you to define your immediate and long-term career goals. Naturally, they have a list of what fields and locations you have worked in, and what fields and locations you are looking to work in. Worst of all, they have your "secret question" and its answer. This is a bonanza to network vandals. Now, they can send you specially-tailored and targeted phishing e-mails, often with authentic-looking job search site graphics. And since they know things that only you and the job search site would know, it is easy to fool you.

If you use the same password OR the same secret question elsewhere (other sites), you should be looking to change them. More importantly, look at how many sites you have "joined" and start trimming the list of companies who have information about you that could be lost or stolen. You should especially look at those who could be in danger of closing or being purchased by someone else. What happens to your information if they go down?

IceRocket: computer vandal, network vandal

computer vandal, network vandal

VirtualBox As A Sandbox

Tue, 13 Jan 2009 22:21:52 -0100

When I'm working on a site, I want to be able to view what I've done. However, I frequently travel, and have no desire for everyone in the hotel to see what I'm doing. I also do not want a Web server running while I'm checking e-mail or visiting the Weather Channel. The best answer I have found is to set up a virtual machine that contains my workspace, including a Web server. This way, I can start it when I choose, and leave it alone other times../p>

I had tried VirtualBox some time ago, and found that it had some rough edges. Since I also had VMWare Server, I just stayed with VMWare and dumped VirtualBox. Skip forward a year or two, and I am updating my build environment. Actually, I'm updating my entire environment. I'm in the process of getting rid of my old K6 200 MHz PC that I got from PC Club, along with my old Dell Inspiron 2650 notebook (1.6 GHz, 384 MiB of RAM, 20 GB hard disk). Those were not my only computers--I also have a Dell XPS M140 with 512 MiB of RAM that travels with me. My plan is to replace the two home computers with a newer desktop, and then I'll probably start looking for a replacement for this laptop in a few months.

Anyway, I started by taking a Fedora 7 install DVD and creating a new machine from it. But that is a fairly old version, and certain applications {like PHP) would not compile because the prerequisites were too old. I then went to the VirtualBox Images site and downloaded F10. Fedora 10 is surprisingly fast, but it still takes a lot of work to configure a pre-built image into something useful. I was going to install the VBox guest extensions, so that there would be some integration with the host desktop, but I needed gcc and then I needed the kernel headers and build tools, and then I started removing some of the unneeded bloat. Among the things I removed was WPA Supplicant. Of course, this took out Network Manager, which took down all networking. At that point, I said, "I'll just build a virtual machine from scratch--it will take just as long to re-jigger this one to my needs". That is where I am now.

Interestingly, VirtualBox 2.1 itself is wonderful. The guest OS is responsive. It works like a regular computer. Using VMWare, I always felt like the software weighed down the system. When running, guests were slow, the host was slow, and I frequently just gave up on the evironment. (The old desktop was the dev environment at home, but I'm usually gone eight to ten months each year.) Once I get Fedora set up, I'll get back to work.

Technorati: virtualization VirtualBox

del.icio.us: virtualization VirtualBox

IceRocket virtualization VirtualBox

Powered by Bleezer

Update Report: A Month Later

Thu, 4 Dec 2008 07:05:31 -0100

I upgraded the computers in my home to Ubuntu / Kubuntu 8.10 on 2008-NOV-02. About one month later, this is my experience:

Ubuntu substituted swfdec for adobe-flashplayer. It is greatly improved from where it was, but still routinely locked up browsers when flash was on a page I visited. Finally, tonight, I removed swfdec from my "road dog" laptop and installed adobe-flashplayer in its place. Although I have not done much browsing since then, but a trip to YouTube was not as frustrating.
Kubuntu switched to KDE version 4, which is really not ready for general use yet. The new programs menu looks similar to what you find in Windows Vista, but with its hyper-sensitive hovering, the program you want moves away from you.
On the two newest installations, KDE still has its annoying single-click launching setting. I always have to look for the place to change this, and this time was no exception. Hint to the KDE guys: let me change ALL desktop properties by right-clicking an empty area of the desktop and selecting "properties" on the pop-up context menu.
Visually, Kubuntu is beautiful. I've never seen as attractive an interface. Ubuntu's GNOME environment retains its earlier look, which isn't too bad, but cannot compare to Kubuntu's.
One thing that should be on by default is displaying network adapters and their connection status in the system tray. I couldn't easily find how to enable it, so I hit Adept and Synaptic to find what I needed. I still don't know whether I needed anything additional in order to enable this display. All I know is that I can now see what I need to see. Hint to Canonical: if you work in support, the first question when someone cannot connect to the network is "do you see any lights flashing on the little icon with the two computers?" It is very important that network connectivity indicator lights be enabled by default.
As I mentioned before, Java is always a question when you first upgrade. This time, the OpenJDK-based Java Runtime Environment worked right away, including working in Galeon.

As you can see, these are relatively minor. Compared to upgrading Windows, a lot more has changed, with many more changes in the pipeline. And yet, these computers are FAR more usable than Vista.

Blogged with the Flock Browser

Tags: ubuntu8.10, software upgrade