20041230

A visit to IKEA

This may be of no interest to anyone else, but I'm officially giving up shopping at IKEA.

Not that it's really bad, mind you. Going to the Boucherville store is much less hassle than going to the Cote de Liesse store ever was, even when I lived close to the Cote de Liesse store. Getting back on the A-20 is a bit more of a pain because of really weird traffic light timings, but I've survived to tell the tale.

And it's not because I'm annoyed by the prices, or the layout, or the crowds. Prices are reasonable; the layouts, although slightly strange at first, let you see all "sample rooms;" the crowds are very manageable at the Boucherville store. So, no problems there.

My main annoyance is how square everything looks. Square couches. Square footrests. Square chairs. Nearly cubic cushions. Square handwoven baskets, for crying out loud!1 Sharp corners everywhere.

One of my friend's flat is mostly furnished in that style. It's a great, pure and all that kind of style. But it is not at all the kind of stuff I have. And I am not going to buy a whole new set of furniture just to fit with the rest.

I was toying with the idea of buying a set of shelves there, or maybe a new computer desk. But it's not going to happen. I'll probably grab a good desk from somewhere where the whole boxing day stock isn't gone yet instead.

So, you learned it here first: BGE has given up on IKEA as a source of furniture. There.


1 Well, there are some round baskets, but they're huge. I'm looking for something to go on a shelf, not for an exotic clothe hamper!

20041223

Jukebox mania

I am now the proud owner of a Creative Nomad Zen Xtra, thanks to being extremely lucky (perhaps undeservedly so!) So I've been messing with it a bit.

The device itself is extremely nice. The scroll wheel thingy is a bit awkward to use, especially with the case on, but I've few complaints so far. I don't know how it fares against an iPod; my last MP3 player was a CD-based koss thing that got zapped by a static charge when it was so cold outside the air in my flat was dry to the point of pain in my nose...

Storage capacity is very high; I don't think I have enough CDs to fill it! So far, Xenosaga II OST went on. USB transfer is extremely quick.

This device pretty much prompted me to finally set up USB under Linux, because I hate booting into Windows (with Windows 2000 not being supported so much, I'm always worried I'll get contaminated by some nasty worm or something; I do install system updates, but I don't run Windows all that often, so I tend to be quite a few updates behind).

Overall, it was a bit painful, but that's my fault for insisting on compiling my own kernel. Setup went like this:

  1. apt-get install gnomad2 (lots of gnome libs get installed--maybe I should rewrite this thing in pure GTK or something...)
  2. Run the program; complains it can't see the Nomad. Hmmm.
  3. Install the libnjb utilities. They, too, complains.
  4. apt-get install hotplug. Still doesn't work. Darn.
  5. Read the USB howto. They mention the USB filesystem. Hmm, don't recall setting that option.
  6. Download 2.6.9 kernel, since a recompile is a good excuse to update to latest kernel.
  7. make menuconfig and realize that indeed, hadn't set the CONFIG_USB_DEVICEFS option. Set it. Also set up the hotplug support (CONFIG_HOTPLUG). Remind self that options that affect one another aren't always grouped...
  8. Rebuild, install kernel package, reboot. Plug device in.
  9. Start gnomad2; it finds device right away! Success!
  10. Find out that gnomad2 has support for transferring data files as well as music. This means I won't need to boot under Windows except to update firmware. Hmm, maybe I can try to hack firmware; then again, maybe not, as a goof could really ruin the device.

That's pretty much it.

20041221

I'm a Magical Boy!

It's true! Well, at least the quiz didn't put me in as a magical girl.

Still, it's rather disappointing that I get only 18 episodes. I guess they ran out of money like some other show, which may be a sign of future greatness...

You are in an anime! What happens? by meteoric
Name
Age
What the anime is aboutMagical boys
GenreRomance/Sci-Fi
Episode count18
Your roleMajor character
Quiz created with MemeGen!

About comments

Note that I've disabled comments, because I'm not sure how they work on blogger.com yet.

So those wishing to comment (<sarcasm>I know I have numerous readers</sarcasm>) can do so by contacting me.

As soon as I figure where the comments go, I'll probably enable them for members of the blog. Those wishing to comment on the blog will merely need to beg.

20041220

How can I trust ActiveX?

The "How can I trust Firefox" post on an MSDN blog by Peter Torr made it to Slashdot, and I expect us to know very quickly how robust the .net stuff is when subjected to the Slashdot effect. It seems to hold so far, which is pretty impressive when you think about it.

In any case, it led me to wonder why I trusted Firefox more than IE, even when browsing under Windows. Of course, under Linux, it's pretty much the browser (konqueror and mozilla nonwithstanding). But I still feel safer with it under Windows. Why is that?

Well, thinking about it a bit, I'm just really scared by ActiveX controls.

Now, binary extensions are never a good idea for something used to browse the internet. A few trusted, well-known extensions such as Flash Player may be the exception (and if it weren't for the zillion sites that use those, I wouldn't trust them either!). Also, small adapters for things such as media players that are otherwise trusted are ok to me, especially when the code for those adapters is available.

But why should I have to download a binary for a bloody Google toolbar?

Most Mozilla extensions are free of binaries and run in a scripted environment, with proper sandboxing. Some do ship binaries, and I tend to dislike those; in general, they rarely work with all varieties of libc/g++/etc. that live on my system. I compile those by hand.

Scripted environments are extremely important for such kinds of extensions. At worse, you can have semi-compiled stuff (like Java applets), but expect performance to be annoyingly bad. That's because the closer to the machine you are, the harder it is for a user application to "sandbox" your code.

Another thing that's a big no-no is the automatic download of plug-ins. By all means, put a "click here to download plug-in" window. But don't even start to download anything without the user's conscent. Not even to check the signature!

But overall, the main thing that bothers me with the ActiveX extension model is an overall feeling of treating security as an annoyance, and feature delivery as the main goal.

Examples of how this is the case (note that not all of these are IE specific, but they do illustrate an overall approach to the problem that has permeated the early history of Microsoft):

  • The big Word Macro fiasco. In the early days of Word Macros, I remember the company I worked for considering a way of delivering our software through Word Macros in a mostly automatic manner. The idea was to "spread the word" about the software, so to speak. The scariest part is that it worked at one point. But then, Melissa came up, and Word was hardened against macros. Well, kind of: you'd get a dialog asking you whether you really wanted to run the macros. That's a pretty useless dialog; you can't see the macros at the time you read the dialog, you don't even have their names, you don't know who wrote them, etc. As a user, how are you supposed to know what to do? So, user clicks yes, or otherwise the nice Word macros installed by the IT department won't work. Congrats, you're infected. They fixed this recently, but it took several iterations.
  • All the security problems related to vbs macros in Outlook. Now, if you're running a script in such a container, I'd really restrict its operations. I wouldn't allow it to create just any ActiveX control, at least not without some registry-fu done by an installation program. And I definitely wouldn't allow an incoming mail to generate outgoing mail! But those who wrote the HTML control and the Outlook stuff just gave all scripts access to all ActiveX marked "safe for scripting", which includes nearly all of them (see below). Probably so people could write automation more easily. Wouldn't it have been better to give no access and open up on an "as-needed" basis, perhaps requiring intervention of some installer to do so?
  • There is no GUI to unregister ActiveX controls if it misbehaves. It's possible to monkey with regsvr32 /u blah.dll, but users won't usually know where the ActiveX DLL ended up. Heck, they probably don't know what the name of the DLL is! At least Firefox extensions can be uninstalled...
  • The whole "safe for scripting" issue. OK, this is the silliest thing in my opinion. To make an ActiveX available to script languages, you mark it as "safe for execution" and "safe for scripting". This is done by marking it as part of two COM categories IIRC. You must, of course, sign the control. Two problems with this:
    1. The control is made available if, in its author's opinion, it does no harmful operations regardless of the input from the script. This is a tall order. And, keep in mind, not everybody's Donald Knuth. There are probably a lot of controls in the wild that are actually not safe for scripting at all.
    2. There is no support whatsoever given to programmers to even help them make the control safe for scripting. No way of specifying what types of operations the control should be restricted to; no way to restrict file operations to files selected by the user; no way to restrict access to internet connections. In general, no way to declare which Win32 APIs I want the control to restrict itself to run. What we get instead is a series of guidelines about how to write safe ActiveX. Thanks for nothing. If some script smashes my control's stack, that's it, it can inject any code it wants and all of it will work.

To be fair, I wouldn't be surprised if some XPCOM components in Firefox have similar issues. But in general, XPCOM components have to use XPCOM services if they are to be portable, and those are audited somewhat. I believe there's some security checks involved as well. In any case, there's a choke point for XUL/JavaScript extensions: they need to go through Mozilla to do anything at all. ActiveX go through Win32, with no restrictions, even if the developers of the ActiveX would prefer to have some. Instead of addressing this problem (say, by exposing OS services that are potentially dangerous through some COM interfaces, which could easily be overridden by the container), Microsoft has done the following:

  • Given us confusing dialog boxes;
  • Telling everybody that signed code is the key;
  • When scripts managed to do some nasty things (like spam the whole planet), patch stuff on a case-by-case basis.

Not a good past history, for sure. Windows XP SP2 supposedly fixes some of those problems, but a lot of sites still run Windows 2000 and others haven't managed to get existing software to work with SP2.

How can I trust ActiveX? Code signing, without a way for developers to somehow have a fighting chance at writing safe code, is not very useful. I can't write JavaScript extensions to extend IE easily, either. And the ActiveX gets downloaded automatically, if only to check its signature. The problem, kind people, is history. The Firefox people are new, and they have been pretty serious about fixing security problems. They provide a programming model that gives the extension developers a fighting chance at insuring safety of their code. ActiveX only supplies protection before execution; afterwards, all bets are off.

OK, so I haven't refuted Peter Torr's points about Firefox itself. But I wanted to point out that if you trust the Firefox binary you installed, the programming model offered to extension authors doesn't make me too nervous. There is no such guarantee with the IE extension system.

Until .NET and its Java-inspired sandbox is ubiquitous, I think the following would really help IE become a more trustworthy browser:

  • Disable automatic installation of ActiveX.
  • Allow extension of the browser through JavaScript and maybe XAML. Sounds like XUL/JavaScript? Well, that's no coincidence.
  • Instead of making extra services available through ActiveX controls, forcing an ActiveX lookup, only allow browsers to run well-known ActiveX (such as XMLHTTP) or controls that were installed explicitely for the browser.
  • Give up on the trust model to security as the sole needed answer. Sandboxing is necessary somewhere. Programmers aren't Gods; the programming model should not expect them to be.
  • Give people time. Microsoft history with respect to ActiveX security is so bad that some places will not buy anything with the word "ActiveX" in it (some departments of the Army, for instance; I experienced that first-hand at one point). Even if a new model becomes available, it will take time for people to realize it's more secure.
  • Forget about legacy support. Use the fact that you're still the dominant browser platform to force third parties to use the new programming interface. If you lose dominance, it will be the worse possible time to do this, as it will annoy ISVs and prod them to move to other browsing platforms.

Credentials: I've developed quite a few ActiveX controls in my career. One was embedded in Word (and all it did was automate Word itself and display a picture, but it was a huge pain to develop--Word is far from being an ideal container). Another was embedded in IE and allowed one to sign an HTML form. The Word control didn't scare me too much because it couldn't be installed automatically and it only reacted to user events; it had no programmatic interface. The IE control needed a programmatic interface because it needed to be called through JavaScript, because HTML forms aren't as rich as Word documents. I remember being scared a lot writing the IE control, knowing that my control was marked as safe, signed, everything cool, but that I had no way to verify that it was safe. I ended up making the interface the very minimum needed so the control would remain useable. But it would have been much better to write this in script, if possible.

Canadian Weather

It was bloody cold today. To the point I thought my cheeks would freeze completely at one point. Not a nice feeling.

Which brings me to a rather funny observation about Montrealers. We'll brave deadly cold just to make sure we get a seat in the bus, for a 15-minute bus ride. Even funnier, I'm one of the ones who did it, and I didn't even realize it until I was in the line. By then, well, I was there, and I decided to tough it out.

One would think it's a macho thing, but the three people in front of me in the said line (and, needless to say, who had been there much longer than I) were women. Are stupid male habits rubbing off? I hope not...

In any case, that was not very smart, but my toes are still moving and my fingers haven't fallen off. Plus, I had that really warm polar cap. I sometimes think that winter is a humility test: you must be willing to wear a silly hat, or your ears freeze. So, you're either humble or you suffer.

Still, tomorrow, if it's that cold again, I'm staying in station and I'll stand in the darn bus.

Apparently, there's going to be rain (not ice rain, liquid rain) this Thursday. There go my plans for cross-country skiing coming Christmas weekend. I knew I should have gone last weekend, instead of messing around in the west of the island looking for decent Christmas gifts (in my defense, I found a really nice one, but had to drive way west to get it). Montreal weather is completely whacked. If you want to move here, be prepared.

Then again, we don't bitch about much more than climate, so I guess it's a pretty decent place to live. I'll take weird temperature swings over earthquakes, tornadoes or civil unrest any day.

Well, that was pointless, but, hey, it's my blog after all.

20041219

About the picture

My picture

I know somebody's going to ask about this, so I'll just say it up front.

Everybody who saw the picture failed to notice my dashing figure. They just ask, "Who is the man on the picture on the wall? Actually, why is there a picture of a man on your wall?"

Fear not, I haven't been hiding in the closet or anything. Unfortunately, the actual answer is somewhat convoluted and, at the same time, boring. I know some people won't believe it, but it's the harsh truth.

When I started off at Logient, there was a lack of space, so I ended up in the corner cubicle1. A rather lousy place for somebody whose main job was technical lead. One guy left, leaving me the adjacent cubicle. That was already better. However, when I moved, somebody pointed out that Guy, the guy who's picture was on my cubicle wall when we took the orange hat picture (still following all that?) had held a similar position to mine, and had his picture on my former cubicle's wall. So, lacking a picture of my own, some prankster pinned it to my wall.

OK. Fast forward a few months. Some events free up space in the office. So I get to move closer to the windows, and I jump at the chance, as my eyes get bad quickly when I can't look outside. This is the cubicle I have on the orange hat picture.

Nothing much is planned where I work when it comes to office set-up and such, so I just take all my stuff and put it on the new wall. This included a rather large database schema I needed at the time. This also included the picture, as someone reminded me to bring it while I was moving stuff. So, without further thought on the matter, I just pinned it there to shut people up and moved on to more important things, such as my wonderful Fujitsu 4726 keyboard.

Fast forward a few months again. The window seat is great, but there are no real blinds, only some sort of semi-transparent thingys. When the sun is setting, I get it smack in my face2. So I put on my sunglasses, which help a bit. That made people laugh, so I put on the hat, and the earphones3 on top. The picture is so strange (I look like some weird American jet fighter pilot or something) that co-workers rush to get the digital camera.

So, to summarize:

  • The guy in the picture is Guy, a former Logient employee. I met him once, and that's it.
  • His picture is on my wall because it was on my cubicle wall before and somebody complained he'd feel "left alone", so I humoured that somebody.
  • I really look silly with an orange hat.

I'm not in the habit of discussing anything about work, but, well, this had to be explained.

I hope this clears up any misunderstanding. Thank you.


1 We don't really have cubbies at Logient, it's a big open area, somewhat loft-like. But there are a few partitions. They don't cut out the noise, so everyone hears me swear all the time, but that's why we have earphones. The partitions are to hang things on, because many walls are naked red brick, which don't appreciate thumbtacks too much.

2 I guess I shouldn't complain--it's one of the nicer spots. Or so I've been reminded many times by co-workers when I complain about the sun in my face.

3 The big earphones are supposed to get people to understand that I'm coding, dammit, and that I don't want to be annoyed. It worked for about two hours. Maybe I should start wearing torn jeans and spike bracelets.

First post!

Well, I'm quickly messing with the blog (from Blogger.com for the moment, I'll probably whip up something myself someday).

For the moment, though, this works. Had a lot of fun making the template match my own site; pretty much had to destroy the existing stuff and rearrange the whole template. Had to figure out a lot of stuff in a hurry. Will have to read documentation on their HTML template format. But for now, it works well.

I've got to go to sleep now... (look at the publishing date below; should give you a pretty good idea why...)