March 31, 2005
One more step
The deposit form is filled out. The envelope is addressed, stamped, and clipped to the deposit form. If I put the form in the envelope, and mail it, I will be committed. (More accurately, it will cost me $300 to change my mind.)
Why haven’t I done it yet?
It’s not the feeling that it will be a bad decision. I’ve had two negative responses so far, and the two schools I’m still waiting on aren’t likely to be much different. (I think the fact that I haven’t heard from them yet should be telling me something.) I’ve had a good feeling about this school since I visited there. (Looks like my nickel worked.)
I haven’t heard anything about aid yet, and that worries me a bit. Should I have? I feel like I ought to be waiting out these other two schools, but even if they accepted me, would I choose to go there? If I keep waiting, am I endangering my position at this school?
And, down at the base of it…
I went back to this list and thought about how things have changed. A lot of the things I feared are now moot (the first one, for example.) I added one: I’m so long out of school that I won’t be able to focus on the work and keep up. But the one that makes my hair stand on end is the last one: I’ll be so bound up by the things I’m afraid of that I won’t make it happen at all.
I’ve still got a chance to blow it.
Now Playing: All My Sons from Born of Frustration by James
I enjoy being a...
“Everyone who is going to pay for TV already pays for it,” said Todd Mitchell, an industry analyst at Kaufman Brothers Equity Research. “The only people without it are Luddites and people too old to appreciate it.”
Or am I in the “too old to appreciate it” category?
We do have the most basic of basic cable at our apartment, but I’ve gone years at a time without. In the most-recent subscription, I’ve not yet sat down in front of the TV with the intention of watching anything; I’ve always had something else I would rather be spending my time on. So I suppose that puts me in the “Luddite” category.
Now Playing: Alfred Hitchcock from Abigail by The Nields
March 30, 2005
Dinner to go
The swooping crow led my eye to the red-tailed hawk (I think) stooped on something about five meters off the side of the road, as I whipped by on my way home. By the time I had pulled the car over and had my camera out, it had picked up its meal and left for somewhere it would not be bothered by either scavengers or photographers.
March 29, 2005
A title isn't going to add anything
It was raining this morning, but I think that just added to the picture.
A semester too early
I realize I’m giving away the current leader in the “who gets pjm as a grad student” sweepstakes, but this would’ve been a perfect pitch for me to hit out of the park.
Now Playing: 12 Bellevue from Failer by Kathleen Edwards
Shades of grey
I spent some time yesterday implementing greylisting on our secondary MX. I found it fascinating, but if neither of the two key parts of that sentence (“greylisting” or “secondary MX”) mean anything to you, you may want to skip this. (If you understand one or the other, in the extended entry I’ll give a thumbnail explanation of both, before outlining my installation.)
This has become a bit of an epic. I’m not sure if I want everyone to skip it, because it’s hopelessly technical and geeky, or read it, because I put so much time into it…
Now Playing: I See Monsters from Love Is Hell by Ryan AdamsContinue reading "Shades of grey"
All politics is local
I voted in the town election this morning. I admit I might not have known there was an election going on, had this one not featured a fairly tense question surrounding the town government. Like the small town where I grew up, Amherst is still run by a board of selectmen and a Town Meeting; unlike that town, Amherst’s town meeting is representative (each ward elects twenty-odd representatives to town meeting, rather than all residents going,) and the meeting is spread over several days, where ours was, I think, two: one for the school budget, and another for everything else.
Part of the difference is Amherst’s tendency, as a town, to try to legislate national policy at a town level. Town Meeting apparently spends an inordinate amount of time debating issues like the USA-PATRIOT act, which simply doesn’t happen in coastal Maine. (I heard a story once about the moderator directing an unnecessarily verbose resident to “sit down and shut up.” The moderator, my father, did not contest the story.)
So, for the second time in two or three years, there’s a proposal on the ballot to amend the town charter. The idea is to abolish Town Meeting and the Select Board in favor of an elected City Council and Mayor, respectively. The first time this was up, I was living in Northampton. It was defeated by something like fourteen votes, so they’re trying again.
As is usual at election times, there were sign-holders at the stop-light intersections in town, but in the past they’ve always staked out opposing corners. This time, signs both for and against the new charter were on each corner, the holders sometimes engaged in heated discussion and sometimes friendly conversation. It’s an issue that’s close enough to the political foundation that the town, normally less than 10% conservative, is not divided along the normal lines.
I’m just happy none of them accosted me as I walked to the polls on my morning errand-run.
Now Playing: Angels Walk from Eventually by Paul Westerberg
March 28, 2005
They posted the psych sheets for New Englands this weekend. I didn’t plow through and figure out where I would be seeded based on my times from earlier this year, since I’m only swimming one event. It’s really an exercise in masochism, anyway: in the 1,000y freestyle (“deep end,” since I decided to risk losing my goggles in trade for the one- or two-second advantage conferred by starting from blocks rather than starting in the water,) I am seeded 31st out of 50, and even that is something of a technicality. Six of us guessed we’d swim 14:00, so we’re all “tied” at 31. Some of us are sandbagging, and others, like myself, are optimists.
My brother is seeded fifth in the 1650y free, which was cool enough, but then I checked the sheets sorted by age group. All the four in front of him are under 30. Then I scrolled down to the 1000, and discovered that I’m seeded last in my age group by about a minute and a half.
Now Playing: Guitar Song from Strangest Places by Abra Moore
March 27, 2005
New to the area
As I’ve noted, it’s melting around here. The melt-water is pooling wherever it can find a low spot, and as I was walking along the Norwottuck Rail Trail in Hadley this afternoon, I saw one smallish pool with a pasture fence running through the middle of it; clearly, this was the spring-thaw equivalent of a tide pool, dry by June. In the pool, on either side of the fence, were two pairs of mallard ducks. Hopefully not nesting pairs, I thought, but just in case, I called down to them, “That one’s just temporary, so it’s not a good nest site. Try Puffer’s instead, once the ice is out.”
We all have our phobias
However, I’m not sure I’ll ever sympathize with the cat as he is locked in mortal combat with a mostly-full two-liter soda bottle. (It’s not quite in his weight class, but close.)
More likely I’ll just laugh.
March 26, 2005
Embargoed for warmer weather
I’m not, generally, one to complain about winter weather. I don’t like it, but it’s the price we pay for living in an otherwise great place. However, I don’t think I’ve realized just how bad it’s been this winter.
See, yesterday I found a Boston Sunday Globe outside our door, with a note that it had just thawed out of the driveway snowbank.
The date on it was January 23rd.
March 25, 2005
It pays to exercise
…after all, I found a penny on the bottom of the pool this morning.
Think that name through
I saw a promo somewhere for a web search service—maybe they spidered this site. But their tagline was, “From chaos to order!” Implication being that they are bringing order to this wild, wild web by spidering it and presenting nicely packaged search results.
Secondary implication being that, by creating a site which requires spidering, searching, and presenting, et al., I am creating chaos which needs to be ordered by them, because of course my own presentation of said chaos isn’t good enough. Well, boys, you can take your pretty chaos-to-order conceit, and the horse you rode in on, and…
Well. Touchy, this morning. But I also created my own little Lloyd Dobler moment there… “Well, I don’t want to spider, search, or present anything for a living, spider anything searched or presented, search anything spidered or packaged, or package anything spidered or searched.”
Now Playing: Every Woman Alive from SXSW 2005 Showcasing Artist by Marion Loguidice Band
March 24, 2005
Making deals with the moon
I turned on the porch light, but I probably didn’t need to. The moon lit everything, both brighter and more shadowy than any flashlight, diffused through a thin scrim of cloud. I stashed some stuff in the car, then pulled my skis and poles out; it’s going to be parked somewhere this weekend where I don’t want them showing in the back seat. I debated whether I had the hands for the snowshoes, too, and decided to leave them. (So, keep your eyes open for a little black coupe with snowshoes in the back seat.)
I almost stayed myself. I didn’t have my to-do list with me, couldn’t see a clock to tell me how up-late I was, nor the inbox of email awaiting reply. The only bags full of plan-ahead were the finished ones I stowed in the trunk. The moon was out and I could imagine stars, imagine following single-track paths through the half-lit woods until I fell asleep in the passenger’s seat.
But the cat was watching from the apartment window, and he needed to be saved from his door-mousie. (He’s not to be trusted with string toys. He gets wound up, both figuratively and literally.) The lights were on, music was playing. And I was still wearing my slippers.
This is my compromise.
Now Playing: The cat, with the door mousie
Doing my penance
I did, let me confess, my share of web coding in the late ’90s. I created pages thick with tables and sliced images which needed to be arranged “just so” on the page in order to butt together and make a design element.
It’s payback time, apparently.
Today I started deconstructing the whole thing in an effort to, not redesign the site, but create a lightweight standards-compliant version which looks pretty much the same (ugly as it may be, it’s a design, and I’m poorly equipped for that,) but actually works.
As I pick through the old code, pulling stuff out to recreate in some sort of valid markup, I find myself wanting to call the original developer, maybe once every five minutes, and ask what on earth they were thinking when they did that. (The answer, I suspect, is that they weren’t thinking; they were letting Dreamweaver and/or ImageReady think for them, which is not always a good choice.) I am finding large graphics cut into four or more segments for no apparent reason (which then need to be re-joined), gratuitous image-maps, and multiple discontinuous design elements merged in a single block of graphic-file (which is then, of course, sliced into a number of smaller files for no apparent reason at random places.)
The only thing that keeps me parsing this stuff out is the idea of how much better it will be when I’m done. And the queasy recollection, like a hung-over morning, that I may have contributed to equally painful layouts.
Now Playing: Keep Happy from SXSW 2005 Showcasing Artist by Papa Mali
March 23, 2005
At a loss
I got a birth announcement today, from a longtime friend, of her second son. I’m happy for her, of course, but I have a problem.
I have a stock present which I send to new parents, a particular book which was a favorite of my nieces. The problem is that I can’t remember if I’ve already sent the new arrival’s older brother a copy, in which case I’d need to hunt up an alternate (and I don’t remember which of my nieces’ many other books get such an enthusiastic response. Maybe this, which was a favorite of my own?)
Now Playing: Morning Wonder from SXSW 2005 Showcasing Artist by The Earlies
The stretch of state highway which I travel back and forth to work (when I’m driving) seems to be popular with raptors, or at least one raptor. Yesterday, on my way home, I spotted a bird sitting in a tree near the road which looked like the red-tailed hawk which gave us a show back in January. I’ve seen him a few times in the last few weeks; this stretch of road is surrounded by farms, so the road’s right of way is the narrow strip with trees. I imagine he can sit there and keep a good eye on the open ground, looking for small animals poking out to check the snow depth and evaluate their foraging opportunities.
Then I saw another one very much like him, not a half-mile down the road. How many hawks can one road support? Maybe I’m mis-identifying some vultures waiting for road-kill?
Now Playing: Empires from SXSW 2005 Showcasing Artist by The Snake The Cross The Crown
March 22, 2005
I’m transcribing the last of my recordings from the NCAA meet, and listening to my questions I’m reminded of the idea I had wanted to write about. I’m fascinated, I suppose, by the way we create athletic heroes, and I was looking for my interviewee to do something spectacular. He was primed to, winning his first of two races, but then stepped off the track halfway through his second. I can hear in my questions an attempt to salvage my first idea, fishing for explanations of ambition, dreams, or both. Meanwhile, he’s oozing disappointment and frustration.
It’s another one of those moments where I hate listening to myself as I inflict this interview on a patient athlete at the worst possible time, but fortunately I am not utterly clueless throughout.
Now Playing: Turn off the stars from SXSW 2005 Showcasing Artist by Wayne Sutton
I spent plenty of my life in denial of what I liked to do. Sometimes, though, something calls to you in a way you can’t ignore.
For instance, when you open up the Specialized Products catalog, and let out involuntary interjections of “Cool!”… well, there’s a technical profession ahead of you. Don’t fight. And when the highlight of your work day is “shopping” online for rack-mount cabinets, well, that’s the geek version of Home Improvement. (Don’t buy tower servers for lack of a rack; buy rack-mount components so you can buy a rack!) And wouldn’t anyone feel a little bit like a special operative going through airports with this carry-on?
OK, I’ll stop scaring you now…
Now Playing: Don’t Push from SXSW 2005 Showcasing Artist by The Exit
March 21, 2005
Music beyond saturation
I alluded to this in my last post, but since there may be one or two people who read here but don’t read No Fancy Name and need a bit more explanation.
The South by Southwest music festival (which the hip people always type as “SXSW”) made available, this year, a massive collection of MP3s from artists playing at the festival. And when I say “massive,” I mean about 750-plus songs, which was a 20% increase in my library. It could take me a month or two just to absorb the collection, playing it in the background, rating and culling when something catches my notice (positively or negatively.)
It really brings home the scale of the festival. There are very few duplicate artists in the list, and though there are several I’ve heard of (maybe they played at the Horse, or in some cases, maybe they’re local around here) I only found one duplicate between the showcase and my own collection. Then I got to thinking about 750 bands… where do they put them all? How do they schedule them? Is there anyplace within ten miles of downtown Austin where you can’t hear live music?
The other fun thing about the showcase is the distribution method. The collection (a pair of zip archives, plus another folder of late additions) is being distributed via BitTorrent, which is the latest trendy way to share files. The festival “seeded” the torrent by providing the original files, but by now most people “downloading” the showcase aren’t actually getting it from the festival; they’re copying bits from all the other people who are downloading it, and they’re sharing the parts they’ve already downloaded with everyone else in this massive multi-directional file share. The festival just pushed a snowball down the hill; it’s rolling on its own now.
BitTorrent has been in wide use by early-adopters for a while now, because it’s a stellar way to distribute large files like Linux disk images. Lately, I’ve heard it’s being used to share digital recordings of TV shows with those who missed them, and there’s a booming market for concert bootlegs. Supposedly, BitTorrent traffic is now nearly a third of all internet traffic. So in addition to all the new music, this gave me an excuse to dust off my client. BitTorrent is still at that phase (which RSS/Atom/etc. are beginning to leave) where most sites offering a torrent feels like they need a little thumbnail explanation of what this is, and how you need to pick it up.
It took me about a day and a half to get the whole thing downloaded, mostly time I was away from the computer so BitTorrent could use the whole DSL line.
Now Playing: Waiting Under the Waves from SXSW 2005 Showcasing Artist by Kris Delmhorst
March 20, 2005
Beaten with a stick
Today, while I was off in one of the more depressing regions of Massachusetts, I was hit by The Stick. I almost deleted the email unread until I realized that it was from the Scoplaw, whose actual name I’d not been familiar with.
I don’t usually do these things, because I usually throw enough of my reading, listening, etc. in that both of my regular readers know what’s on. Besides, my rate of reading has slowed dramatically in recent years. I blame five soul-rotting years in the magazine industry. Anyway, read on (extended entry) for The Stick, and go back to Scoplaw for the, er, “history.” (I like the name. Reminds me of a relay baton. Stick!)Continue reading "Beaten with a stick"
March 19, 2005
A klister day
Ski wax has two big classes: glide wax and kick wax. Skate skiers only use glide wax, which is meant to help the ski, well, glide on the snow. Classical skiers also use kick wax on the center of their skis, to grab the snow when they push down and back. Both kinds come in a spectrum of colors and hardnesses for different temperatures and conditions. Glide wax is forgiving; since it doesn’t have the dual role of both sliding and grabbing, if you pick the wrong glide wax you can usually get by. Kick wax is murder, because you need to hit the sweet spot where it slides forward and grips backward; too far in either direction, and you either have no traction or no glide. This is a gross oversimplification; I believe there are PhDs in waxology who claim they are still learning.
Klister is a specific kind of kick wax, less like wax than like glue that never dries. It is gooey, sticky, and more contagious than plague. It comes out for warm weather and/or icy snow, and today I saw a klister box in the wax-room trash can. I’m surprised I didn’t also see a matching pair of klister-fouled mittens.
I had my softest, warmest wax on as well, and even with that I was all over the skating trails. I was gliding wonderfully off each push, but the fast, hard snow also made it hard to get an edge; sometimes the ski would go sideways, or snag in someone else’s rut and send me sprawling. I felt like the tails weren’t always following the toes. Notchview is expecting snow tomorrow and next week, so today might not even have been my last skiing day.
On the trip up, I wished I had my camera to make a little slideshow of the trip for you. There were two sugar shacks steaming like teapots in Williamsburg, then another one cold in Goshen (improbably located in the Goshen Stone Co. yard.) A sign nailed to a telephone pole promised “Corn Ahead,” and in Cummington the bones of an old ski lift mark the bottom of a rank of masts up a mountainside. Any ski trails are long since overgrown. The roads are starting to show frost heaves as the ground under them melts unevenly, and the freezing and thawing of water makes the surrounding soil churn and bubble like a geologic stew. As I bounce over the road like a small powerboat, I imagine glacial-till boulders percolating up in the fields to annoy the local farmers.
Now Playing: Nobody Girl from Gold by Ryan Adams
March 18, 2005
In discussion on a listserv, the difference between being dedicated and being committed came up. It’s a breakfast metaphor: the chicken is dedicated, but the pig is committed.
Yesterday I sent in my entry for the NEM-SCY meet, and I committed myself to swimming longer without stopping than I have before (that I can remember.) I decided to skip the big weekend, since they moved most of my events to Friday; on Saturday, I would have had to swim 200br and 100fr and hope for a relay, which didn’t seem worth the drive in to Boston and back. Maybe next year, when I’ll pretty much be there. Instead, I’m signed up for the 1,000fr on “distance day,” the first Saturday. I seeded myself at 14:00, using the 6:40 500 I swam the other week as a gauge. I figure I can do two sevens. I hope.
I have two weeks from tomorrow. And I just read, on the CD I’m preparing, about the “Porsolt Test”:
The Porsolt test (also called the forced swim test) was originally developed for screening new antidepressants. Rodents are placed in tanks filled with water for about 5 minutes and the amount of time spent swimming (escape behavior) versus floating (behavioral despair or “giving up”), as well as the latency to first float is recorded. The sooner that an individual floats is an indication of depressive-like symptoms.
Cheerful. I’m not sure what that says about my pool time, but I don’t like it very much. What does it mean if the subject throws himself in the tank?
My brother is swimming the 1650fr on distance day, so we agreed we would trade off lap-counting. We’d both rather have someone we know doing the lap-counting; he told me a story of having his counter forget his race once.
Now Playing: The Ugly Underneath from Nonsuch by XTC
March 17, 2005
Hanging it out
When I was a senior in college, it was traditional to post all the negative responses received relative to whatever one planned to do after graduation. Normally, these went on the bulletin board outside one’s door, but I recall some doors which were entirely papered, and there may have been some senior-dense areas where the whole hall contributed to a communal wall of rejection.
Since my job search was pretty half-assed (I actually forgot an interview, and got a call from the no-longer-potential employer asking where I was,) I didn’t have much to post; instead, I kept a public archive of the March of Doom in the form of my major department’s communications about my comprehensive examination. Comps were required for me to graduate in the major, and since my GPA in my major was actually somewhat worse than my overall GPA, there was at least a slight possibility that I would crash-land. Anyway, I had no idea what I was going to do after graduation; at the time, remember, the concept of creating web pages professionally was still pretty new.
The idea of posting the letters, anyway, was somewhat like the Callahan’s motto of “Shared pain is lessened.” We were all in the pool together, and since you only needed one positive response, the negatives were more about bravado than gallows humor.
I bring this up because I haven’t recycled my two letters yet. I felt like I should be doing something with them—filing them, maybe—but tonight I realized that I was planning to post them on my door, without any actual door in mind. They can’t go on my office door at work, I think; nobody would understand why they’re there. (Maybe if I had a cubicle?) Putting them up in the apartment would just be weird, and not in a good way.
Maybe I should sneak back over to the college and post them outside my old dorm room. That would leave ‘em guessing!
A different kind of star
I have a column up today about Nick Willis, who won the mile at the NCAAs last weekend, then dropped out of the 3,000m. I’ve got quite a bit more conversation with him in iTunes waiting to be transcribed.
Talking to Willis, who I like immensely, made me think about the intersection of religion and athletics. There are some athletes who won’t finish an interview without telling us how grateful they are to God for the victory, or simply the ability to run. Some of them are more graceful than others at slipping this in; others (I’m thinking of Olympic silver medalist Catherine Ndereba here) can’t complete a sentence without testifying, and have become nearly un-interviewable as a result. Even the single most famous movie about running, Chariots of Fire, is really a movie about religion.
I grew up in a New England tradition which regards one’s relationship with God as somewhat more private than that with one’s spouse. Dour Puritans that we are, we regard PDR and PDA in about the same way, but we’ve also learned to shrug and move on in reaction to both. But I have learned a new sort of respect for someone who prefers to make themselves an example rather than an advertisement.
I didn’t notice until after the 3,000m what was written on Willis’s hands. Athletes often have marks on the backs of their hands; it could be target splits, it could be the names of their teammates, or in the case of BYU’s women one year, it could be smiley faces. Anything to catch the runner’s attention and remind them of something during the race. Willis had a cross—it looked more like a big “X”—on one hand, and “For Him” on the other.
They were notes to himself, not to us. He talked about his teammates and team, his coach, and his country. He talked about where running fit in his life. He’d spent the evening in an emotional parabola, from pre-race jitters, to the race, to winning, to another set of jitters, to a DNF and all the disappointment and self-recrimination that comes with that. Never once did he talk about his faith. Or, perhaps that was all he talked about?
This was the quote I closed the column with, which I think sums up why I like him so much: “If I’m to keep on doing this for 15 years, which I would like to do, I’d better be a good person to be around.”
Now Playing: Capsized from You Were Here by Sarah Harmer
March 16, 2005
Do I look like a shape-shifter?
No wonder people don’t bake more often. Here I find these instructions in my banana bread recipe:
Turn into greased loaf pan.
I think that’s a bit more metamorphosis than I had in mind, thank you.
And that’s not even in one of those fancy-dan, newfangled tofu-and-veggies Californized cook-books. That’s in Marge Standish’s Cooking Down East, which includes such pointed epigraphs as:
Parsley, parsley everywhere
Heavens, I like my victuals bare.
If not educable, employable
Well, someone wants me: the TV people confirmed that I will be working Boston for them again next month. Next step: getting a hotel room from them. I vary between wishing I could pull in more income from this sort of work, and not asking for enough when they’re looking for a quote.
(I am adding false drama to the “rejection” aspects of the application process. I am old enough to distinguish between an admission’s committee’s judgment of my application and their judgment of me, though my family apparently doesn’t think so.)
Now Playing: It’s No Reason from Hindsight (Disc 2) by The Church
March 15, 2005
As of this morning’s mail, I am now waiting on only three applications. The two responses are one yes and one no, and since the acceptance and all three outstanding apps are in the Boston area, it’s pretty much settled that I will no longer be living in the Amherst area come September.
Curiously, as I read the rejection (I’m told that’s not how I’m supposed to look at it, but it’s the only single word that describes it,) I was not upset at not being accepted; rather, I was a bit sad to know I wouldn’t be staying here. I had psyched myself up to thinking I would be accepted when I was doing the work to send in the application, but in retrospect I am not too terribly surprised; I’ve always been a long shot for many departments. Having an acceptance already in my pocket helps, too; even if I get no more acceptances, I think I will be happy with the one offer I have. I think I like the idea of a department that would take a chance on someone like me.
I suspect I have another “no” en route, but I don’t have much more than a hunch about that one. The other two are enigmas.
So, if you notice me dwelling on the nice things about living around here, that’s why.
Update, 3/16: I was right, there was another “no” en route, but not the one I had a hunch about. So, two remaining, at least one of which I expect to be the third “no.” (But since I’ve already “won” this game, I’m more amused than bothered if the other side wants to run up the score…)
Now Playing: A Life of Sundays from Room To Roam by The Waterboys
Phil Rignalda ran a trial obfuscating his posted email address with the same entity-encoding method I spelled out here, and discovered that spammers are lazy: apparently this quickie obfuscation method is remarkably effective.
Now Playing: Johnson’s Aeroplane from The Swing by INXS
Though, I should add, only of the polite sort. I got a big packet today from the IAAF containing their latest “World Rankings Yearbook.” The accompanying letter, from the General Secretary of that organization, referred to me as “a reputable media representative of our sport.”
Heh. I’m “reputable.”
Now Playing: Best Imitation Of Myself from Ben Folds Live by Ben Folds
March 14, 2005
The trees are starting to show that brown haze which will be leaf-buds soon. In a few weeks that will be a greenish haze, and then the leaves will be here before we’ve noticed the change.
Until then, I am thinking maybe I have one more weekend’s ski session, and I am enjoying how I can look to Mount Toby on the drive in to work, and see the true contours of the mountain relieved in snow and the sticks of its trees.
I ran across this quote: “The difference between success and mediocrity sometimes consists of leaving about four or five things a day unsaid.” No attribution. I’m trying it out, but it’s more like “un-posted” than “unsaid.”
Now Playing: Everything Changed from Everything Changed by Abra Moore
The sysadmin always knocks twice
I finally got started reading the security issue of ;login: on the plane to and from Arkansas, and ran across an article about a splendid little bit of paranoia.
The theory runs like this: most packet-filtering firewalls log rejected attempts. So why not do something with that log data?
- Close the
sshport in the firewall.
- Install a utility,
fwknop, which monitors logging of rejected connections at the firewall.
- Have that utility briefly open the
sshport (long enough for a connection to be established—maybe thirty seconds) for a specific IP address, only in response to a specific combination of failed connection attempts (or “knocks”) at various closed ports, using different protocols.
So, for example, if this utility sees the firewall rejecting packets at 668/tcp, 345/udp, icmp, 228/udp and 973/tcp, in that order, from a particular external IP, it opens 22/tcp to that IP address for thirty seconds. A connection is established, and the firewall is closed again (with the established connection remaining open.)
It’s like having a secret knock. In fact, it is having a secret knock. And the rest of the time,
sshd is off-limits for all the brute-force scanners we’ve been seeing lately.
I admit I find this so cool, I’d install it. Except that it would undoubtedly be exasperating to my (small) user pool, which is already essentially humoring me in my insistence on only using SFTP and SSH for any connection requiring authentication.
I had a whole bunch of good headlines for this, too. “Knock, knock, knocking on the server’s door?”
Now Playing: Don’t Get Your Back Up from You Were Here by Sarah Harmer
March 12, 2005
I’ve mentioned this in passing once before, but it bears repeating and calling attention to. A few months ago I changed the name of my Movable Type comment script to foil comment spammers. Some of them have bots which can figure out the new script name, but it appears that many of those bots have a bug: they can’t distinguish mixed-case URLs. Since my new script name has both capitals and lowercase letters (my personal shorthand for this site is F.o.P.,) and URLs are case-sensitive, I am seeing a lot of not-found errors in my log where spammers try to access the comment script using an all-lower-case URL.
So, if you’re changing the name of the mt-comments.cgi and mt-tb.cgi, try using mixed-case names. It’s not utterly foolproof, but it turns out the comment spammers are only run-of-the-mill fools.
Notes from the underground
What a stereotype: I like my roller-ball pens, but I have a habit of forgetting the cap is off. By halfway through any session, I am usually ink-smeared in some way. I suppose this would be a reliable way of distinguishing reporters from other spectators, if it wasn’t for the media credentials.
Need a dolly for that? The NCAA is apparently trying to cut down on the size of football and basketball media guides, since they were supposedly becoming big, glossy recruiting catalogs. Track guides are sometimes spiral-bound and rarely run to as many pages as your average T&FN (though they use much heavier paper.) Still, I saw the director of one large east-coast relay carnival with a stack of media guides which was easily a foot and a half high.
Our little slice of the meet: The press box is stuffed, but the “independent” reporters like myself (writing either for the running media or various newspapers) are outnumbered by the various “SIDs” (Sports Information Directors) producing program-specific press releases for athletic-department websites. So while the meet media apparatus is kept quite busy, the number of reporters actually attempting to cover the whole meet is fairly small.
Multi-tasking: The availability of a press box and the occasional down-time between events lets me stream my interviews in to my computer right at the venue, which puts me ahead of the game. Sometimes I can start writing my stories before the day is even over.
Name-withholding: Sometimes I feel a bit fake acting familiar with the great athletes at a meet like this, but I did get a warm glow when I was greeted first by one of the coaches, a two-time Olympic marathoner. I won’t drop the name, but he recognizes me because I ran with him once or twice at my former job, where he writes a monthly column for the print magazine.
Fast: Since I had more than one affiliation on my credential request, they apparently just picked one. Therefore, my credentials (and the label on my seat in the press box) identified me with “fast-women.com.” (Only at a track meet would that raise no eyebrows.) At least one volunteer handing out results checked to see if I wanted results from the men, too.
March 11, 2005
Audacity, always audacity
So, I’m on the outskirts of Fayetteville, Arkansas, hunting caches before we have to head to the NCAA Indoor Track championships. I’m at least two tenths of a mile in to the woods, out of direct sight of any development. I’m also several dozen yards off the trail. The GPS says I’m fifty or sixty feet from the cache, so I start looking around, asking myself, “If I was hiding a cache around here, where would I put it?”
In the mailbox, of course.
(Notice that the flag is up for pickup.)
And for good measure
The rental car company does not have the economy car requested, available. Instead, for the economy rate, we have a Crown Victoria. The power and ride may be nice, but I feel like radioing ahead for tugboats when I want to park.
Normally, in this situation, I wind up with minivans. (Twice, now.)
Third time's the charm
The hotel advertises broadband internet in all rooms.
The first room has no ethernet jack.
The second room has a jack, but it doesn’t work. (We need to call the 800 tech support number to confirm this. The phone is on the opposite side of the room from the ethernet jack.)
The third room is a smoking room… but the ethernet jack works. (And I now have an Airport Express plugged in to it, so anyone within a few hundred feet can share.)
And I’m still on Eastern Time, thank you. I’m not naming the hotel because the graveyard shift desk clerk was willing to move us twice in search of working internet.
March 10, 2005
If I had a million hours
It is accepted wisdom that the best software utilities come from some hacker wanting a tool they couldn’t find, and wanting it badly enough to write it themselves. If only I had the time, because I have a want-it-badly utility.
My hard disk is pretty full, which is not a shock, considering the vast quantities of JPEGs in multiple resolutions, SWFs, DCRs, and PPTs I burn to CDs in a given month (not to mention all the PDFs to upload to the web.) There are all kinds of utilities to tell me how full the drive is. There are even some Unix command-line utilities for showing disk use by directory, like
du. Like most command-line utilities,
du has to be carefully instructed, or it gives you either too much information, or not enough.
I’d like a utility which tells me where to look for disk space to reclaim. That could mean either documents to archive, burn, and delete, or apps I’m not using, or whatever. So I’d want to be able to start at any given directory (the root, by default) and see a pie chart of how much disk space is being used by each directory. I’d like to be able to mouse over the chart to see which slice goes to which directory. From there I could either go another layer up the tree (show all grand-child directories of the root directory) or click a slice of the chart to repeat the process with that directory as the new root. And maybe I could command-click on the slice to have that directory opened up so I can see the files and make save-or-delete decisions.
Basically, I want to be able to visualize the data from
du and have shortcuts to act on it.
I could make it even more frilly by allowing a user to create classifications (like “save”, “delete”, “archive and delete”, etc.) and assign them to slices of the pie chart, allowing them to perform disk-space triage on their entire disk, and see what they’ve already looked at vs. what still needs to be considered.
I know this is possible. (There used to be something like this for the Classic Mac OS, called Disk Surveyor, but it clearly never made the jump to OS X.) I even know the tools to create such a thing are available. What I lack is the time to (learn how to) do it.
Now Playing: Rain Song from Revenge Of The Goldfish by Inspiral Carpets
March 9, 2005
How not to compare hexadecimal numbers
9e != 9E is broken. That only took half an hour to sort out. (I’m now forcing caps before the comparison. I’m not sure what determines which case a computer uses when displaying hex numbers.)
Now Playing: Golden from A Girl Called Eddy by A Girl Called Eddy
This always happens when I am too busy
And here I am with every hour booked from now until the middle of next week, and no time to play with it. And it’s so shiny. All I can do is tell everybody I know about it, and come up with ideas for using it. What would you map?
Now Playing: ‘87 from Foolisher Than Pride by Rosemary Caine
How to recognize phishing scam emails
When I talked about pharming I alluded to some signs that indicate an email is a phishing scam. It’s possible to “learn” to recognize the scams just by seeing enough of them; maybe I just recognize patterns more easily than some. These are the patterns I’ve picked up in phishing scams; hopefully they’ll be useful to you.
When it comes to mail from any financial institution, from PayPal to the Fed, the best policy is to treat it as a scam unless you can verify the message using some “out-of-band” method. For example, call your bank by telephone to confirm an email request from them, rather than replying to “their” email or going to their website. A real brick-and-mortar bank is still more likely to send you paper mail than ask for information via email.
The first and most obvious sign of a scam: the supposed source of the message is an institution you don’t do business with. I happen to have kept me clear of most of the big national banks, so nearly every phishing scam I get fits this bill. These are gold, because you know they’re scams; the bank has no reason to be sending you email. Take a good look, because this is what scams look like.
Second sign: the message resembles one you’ve identified as a scam. As near as I can tell, there’s one phishing gang which simply changes the logo and institution name, but otherwise sends identical mail. If your financial institution sends HTML mail, they’re likely to style the whole message, framing the text completely with design elements. Black Arial text on a white background with a logo floated in the upper left screams home-made.
Third sign: HTML-only email. There should be a plain-text version of the message included in the email, in case the recipient’s mail software can’t display HTML messages. (Such mailers do still exist, and many people prefer them.) HTML has many ways of hiding the real destination of a link; plain-text does not, which is why scammers prefer not to send plain-text. If it’s HTML only, don’t trust it!
Fourth sign: Check the URL. You should be able to view the HTML source of an HTML message, and see where the link is actually taking you. (It will be inside quotes in a section starting,
<a href="">). If the
href value doesn’t appear to match the text that’s underlined and blue, don’t trust it… and the harder it is to figure out where the link goes, the less you should trust it.
Fifth sign: Read the headers. Reading the headers used to be the way to trace spammers to their source; with the rise of open proxies and PC botnets, tracing spam usually just leads to a compromised Windows box on a DSL line. But in the case of phishing scams, you don’t need positive identification of the source; you just want to confirm whether it comes from who it says it comes from. If you’re really uncertain about an email, you can learn a lot by using the message headers to find out where it got started. I don’t have the time or space to explain header-reading here, but there are a number of introductions on the web.
With any luck, these five things should be enough to tell you if a message is a scam or legitimate. I doubt it’s comprehensive, though; these are just the things I consider. If there’s another warning sign you use to detect email scams, put it in a comment, and we’ll let Google index it all.
Update, February 18, 2009: This entry is the single biggest magnet for comment spam on this site, so I’ve turned off comments here. I’m sure if you have something legitimate to add, you’ll find another place. Thanks.
Now Playing: Seasons Changed from My Friends and I by Patiokings
March 8, 2005
On my outbound trip on Saturday, I dropped a few bags off at the Salvation Army, mostly clothes that either don’t fit all that well, or I don’t wear anymore. It seemed like a lot of stuff, but it doesn’t seem to have made much difference in the closets, nor do I miss any of it yet.
I think that means I should do another round. I don’t know how much is “enough” but it appears that I have more than that much.
Now Playing: Myrrh from Heyday by The Church
Beat your age
I was talking with one of the other competitors at the meet this weekend. He’d turned 70 in January and was looking forward to being top dog in a new age group. (This is how you can recognize successful masters athletes: they look forward to birthdays.) He told me about one of his training partners and his goal for the 100 free: swim faster than his age.
Coincidentally, the previous weekend I had a short discussion with another reporter about masters sprinters who could “beat their age” over 400m. I think the hundred-yard swimming equivalent is probably reached by more athletes, but at my age either one is flat-out impossible. Even world-class athletes have to be well past 40 to start thinking about that sort of standard.
Look at it this way: to have beaten my age on Sunday, I would have to be 68 or older (more than twice my current age.) To beat my age in a track 400m, I’ll have to wait until I’m at least 55, and even at that age I’ll have to run times I haven’t seen since high school. These guys are really good.
Which made me consider that most of what I’ve done, both running and swimming, has been more the result of good conditioning and well-directed training than that sort of extraordinary talent.
Now Playing: Sit Down from Getting Away With It…Live (Disc 2) by James
March 7, 2005
I have to admit, my perspective on these historic charms is probably a bit warped.
I remember the comic book store in the basement of the Customs House, for example. And the cats, not the governor’s library, in the reading room.
But I still love reading stuff like this, and giving depth to the memories.
Now Playing: Rainslicker from Hello Starling by Josh Ritter
Buying the pharm
This is some rambling, and it has nothing to do with pill-pushing spam. Rather, it’s a new kind of attack called “pharming.”
The background principles are these. There is a hierarchy of servers out on the internet which serve to translate domain names (like flashesofpanic.com) into numerical addresses. This process is called “resolving” a domain name, and your system asks one of these servers to “resolve” domain names whenever you use a domain. (There’s intricate caching rules which I won’t get in to now, since they’re not relevant.)
By now we’ve all heard of “phishing,” where various black-hats send us email pretending to be from banks we don’t have accounts at, trying to fool us into going to websites which look like those of the banks and filling in (“confirming”) our personal data and account information, which they can then use for several avenues of fraud. Phishing can be combatted by education: once a user understands that you can’t trust everything you see in e-mail, it becomes pretty simple to recognize the ruses used by the phishermen.
Pharming takes this to the next level. Instead of trying to fool you into going to a site which is not that of the financial institution, they “poison” the DNS servers such that when you “resolve” the domain name of the bank, you are sent to their website instead. Your browser says www.mybank.com, but the numerical IP address is somewhere else. It is nearly impossible to recognize this kind of scam.
Nearly. But not completely. This is where digital certificates come in. Certificates have a dual role. First, they are one side of an asymmetric key encrypted conversation between hosts, which is their most widely known use. They’re what puts the padlock in your browser window and assures you that your credit-card number is encrypted as it passes over the wild, wild internet on the way to the browser. But they are also signatures, issued by a signing authority and serving as proof that your site is what it says it is. If I tried to serve a certificate claiming I was ebay.com here on this site, your browser would pop up all kinds of warning flags.
Likewise, if I serve a “self-signed certificate” as a key, as I might when providing secure webmail, your browser will pop up a different error. It will say, sure, the certificate matches the domain name, but nobody vouches for it. (Actually, it will say something like, “The certificate wasn’t issued by a recognized authority,” or “No trust path could be established,” but those all mean the same thing to geeks.)
Which leads to an uncomfortable place. To efficiently guard against pharming, we should be conditioning users to pay attention to those warning messages from their browser, not tune them out. That probably means not using self-signed certificates for webmail or SSL email. But that, in turn, would require us to cough up $300 to a certificate authority which doesn’t actually do much other than a cursory verification of our paperwork stating that we are who we say we are.
My paranoia and my New England flintiness are in conflict here.
Now Playing: Welcome To The Occupation from Document by R.E.M.
March 6, 2005
The language of achievement
Runners and swimmers use different language to describe their races. Specifically, the past perfective verb used to describe times. Runners will use the specific verb of their event: Paul Tergat ran a sub-2:05 marathon. John Godina threw the best mark of the indoor season. Swimmers, however, just use forms of “go.” So I would say, “I went 6:40 for the 500 free.”
I noticed my brother using this form a long time ago, but now I find myself saying it too, because “swam” sounds uncomfortable in the mouth. Maybe the root of the idiom is uncertainty about the past perfect form of “to swim,” which is one of those old, old verbs which declines by changing its vowel rather than with a suffix. Modern verbs (“to google,” “to blog,”) don’t do that. Swim, swam, swum. Sounds weird, doesn’t it?
Now Playing: I Send A Message from The Swing by INXS
I could swim faster if I wasn't so tired (reprise)
Skiing for an hour thirty probably isn’t the best way to rest in advance of a swim meet, but the time was available and there was plenty of snow on the ground at Notchview. I did need to scrape the skis and put on red wax (for above-freezing temperatures; the last few times I’ve been up there, I used purple below-freezing wax,) but otherwise all was well. The four times I fell, it was mostly clumsiness, not speed. I stopped before I got too tired. I think.
Today’s meet was a two-hour affair in which I swam the same three events I did at New Englands last spring, but in a slightly different order. I seeded myself with my New Englands times, both because they’re my last competitive marks, and because I figured I was faster now, and it’s nice to beat your seeds.
That said, though, after the petty nervous agitations of thinking I was late (I wasn’t) and getting off-course (the directions called for leaving the Mass Pike at Exit 2, West Stockbridge, but West Stockbridge is not Exit 2,) I got a decent warm up and settled in with just one thing to worry about: getting three decent starts which didn’t involve my goggles coming un-sealed. (Details in the extended entry…)
Now Playing: Untitled (bonus track) from Green by R.E.M.Continue reading "I could swim faster if I wasn't so tired (reprise)"
March 5, 2005
Watch this space
This page is currently 404, but they tell me that tomorrow it will have the results of the meet I’m swimming.
Driving to Notchview from Amherst requires a trip through Williamsburg, up the Mill River from Northampton. Much of the drive along Route 9 is alongside the river, and there are a few little memorials along the way. The memorials are from the flood described at this cache.
To summarize, a reservoir dam upstream in Williamsburg ruptured, the first recorded dam failure in the U.S. The dam was entirely swept away, and a twenty-foot flood wall swept down the stream through downtown Williamsburg, Haydenville, Leeds, and Florence. 138 people died, and it was the biggest industrial catastrophe in American history until it was (sadly for all concerned) dwarfed by the Johnstown flood in Pennsylvania a few years later.
Nowadays, aside from the markers in the towns along the flood’s path, you wouldn’t know it ever happened. The dam itself has been swallowed by the forest, and many of the mills were rebuilt. Once you know about it, though, it’s hard to drive that little corridor without imagining the wall of water sweeping down. It’s a little chilling.
Now Playing: Capsized from You Were Here by Sarah Harmer
March 4, 2005
The sap buckets are out on the maple trees by the office, and the tube networks have spread like plastic spiderwebs through most local sugarbushes. (I learned last year that a “sugarbush” is a stand or grove of maple trees.)
I didn’t see any smoke coming from the sugar houses on Route 9 last Sunday when I drove up to Notchview, probably because the weather hasn’t been right (yet) for a good sap run. Apparently the best season is when the days are above freezing, and the nights below.
Now Playing: Army from Ben Folds Live by Ben Folds
When I was researching my uptime rollover issue, I found several discussions which suggested that uptime is actually measured, at the kernel level, in units known (I am not making this up) as “jiffies.”
Jiffy turns out to have several definitions, but in the case of
uptime it is .01 second, a “tick” of the computer clock. (It is stored in a thirty-two bit register, which means it will count to 232 or 4,294,967,295 jiffies, which is ~42,949,672 seconds, ~715,828 minutes, ~11,930 hours, or ~497 days… it makes sense now.)
The idea of the “jiffy” as a standard unit of measure tickles me. In this vein, I’ve decided to give up taking mass measurements in pounds. I’m now measuring only how much I vary from an arbitrary “marathon fitness” milestone, using cats as my unit of measure. Since the cat’s mass varies somewhat, the number is pretty fluid, but this is not a value which can be measured with great precision in any case. (It can be measured with depressing accuracy, but precision and accuracy are not the same thing.)
Right now I’m up by about 1.2 cats. Once I get my weekly mileage back where it should be, I should be able to trim much of that in a jiffy.
Now Playing: Wake from Yellow No.5 [EP] by Heatmiser
March 3, 2005
March is the waiting time. The town’s attitude towards snow, a large helping of which we got on Monday, has altered significantly with the turn of the calendar page, from resignation and acceptance to a mixture of despair and hope. The concrete manifestation is the shift from carefully scraping our sidewalks and driveways bare of white stuff, to grudgingly clearing the absolute minimum of space and waiting for the extended sunlight hours to melt the rest.
The astronomical “first day of spring” is on the same calendar page we are, along with Easter. We know the warm stuff is coming, and that promise is what’s carrying us through the “chance of flurries” graphics which litter the forecast.
Inside, things aren’t much different. I am in that time when graduate programs I have applied to might be responding to me. None have, yet, but they aren’t late yet, either. I know I’ll be moving forward in the fall, but until I know how, there’s not much for me to do but noodle around with transient little projects. I can keep my hands busy, but I feel like rot is setting in somewhere around the ambitious part of my head.
It’s likely to get worse before it gets better. But it’s March, and that means April is right around the corner. Right? Let’s just not discuss mud season, for the moment.
Now Playing: Telepath from Forget Yourself by The Church
In the support mailbox today: some questions about a demonstration version of some of our software. The demo version is full-featured but expires after a (fairly long) demonstration period.
The questions, however, were obviously different ways of asking, “So, how can I keep using the demo after the demonstration period is over?” I wish they had just asked it directly, because the answer is much simpler that way: “Buy the software.”
Seriously, folks. Don’t ask the support people at a company how to circumvent their own license restrictions. We had a reason for setting up the demo that way; it wasn’t just intended as a game.
Now Playing: Vervacious from Millionaires by James
March 2, 2005
I can be proud of incomprehensible things
My mail server (here at work) now supports encrypted POP, IMAP and SMTP connections. And I can add
stunnel to the list of utilities I’ve successfully implemented. It’s shockingly easy, actually. Well, I thought so, anyway.
Now I have to figure out how to explain this to my users. Actually, first I have to figure out who, besides myself, will be affected if I require secure connections from outside the LAN.
Now Playing: Snow Is Gone from Hello Starling by Josh Ritter
March 1, 2005
It's the subtle things
Barb asked, following up on my post about Firefox drawing even with IE in my site statistics, if there are reasons to switch to Firefox (or at least away from IE) that are easy for a non-technical person to understand.
Since I’m a Macintosh user, I’m not subjected to the Big Blue E on a daily basis, so I mostly see things from a developer’s standpoint. Since FF has better support for web standards, more people using FF mean less people using the ever-so-2001 IE, which means I can do more interesting things while worrying less about browser support. Tim Bray made this point way back in 2003. (And Longhorn is now due even later than Bray thought then.)
- Tabbed browsing. Open a whole slew of web pages in one window (or a folder full of bookmarks at once, in separate tabs.)
- Pop-up blocking. IE is getting there now (there were pop-up blockers for IE, but they were hacks which did nothing for the stability of your computer,) but alternative browsers have been there for two or three years now.
- New web features. The new browsers offer support for things like PNG-format graphics, which allow images to fade into their background much more elegantly than was previously possible. Web pages designed for the standards supported by Firefox, Safari, Opera et al look better.
- Stability. IE is built on a code base more than a decade old. As a result, it has become bloated and a hog of system resources. Modern browsers like Firefox use less memory and are more stable, which means they start faster, run faster, and crash less.
- Security. Spyware, worms and viruses are pervasive nowadays, and most of them are built around ActiveX controls or Browser Helper Objects, which are two technologies unique to IE. Stop using IE, and you’ve instantly made yourself invulnerable to those routes of attack, and you’ve lost barely anything. (Malware developers outnumber legitimate applications of these technologies, nowadays.) The alternative browsers have their own security problems, but their record is far better than Microsoft’s.
That’s probably enough from me, since the two sites I’ve linked above make the case quite well. It’s actually impossible to uninstall IE from a Windows system, so it won’t go away; you’ve got nothing to lose by trying a different browser (and on Windows, that’s probably Firefox.)
Now Playing: Other Side from Golden Age of Radio Bonus Disk by Josh Ritter
More feeds, less mail
I’m becoming a passionate supporter of web feeds (RSS and/or Atom) in place of broadcast e-mail lists.
One of our authors has been running a broadcast list for several years. His previous list host closed him down last week (he had been a visiting professor there, and has returned to his home institution) so he moved the list to our server.
This morning I found close to 100 bounce messages in my inbox, and so far this morning I have spent most of my work time reading the bounces and removing the (presumably bad) addresses from the list.
Why centralize that garbage? Let’s give them a feed and let them subscribe and unsubscribe when they want to. We can even let them slice and dice which categories of the list content they want feeds of. Everyone wins: the list maintainer has less work to do. I have less work to do. And the users have more options.
Well, those users who understand what a feed is and how to subscribe to one, that is.
Now Playing: Seagull from Nowhere by Ride
Why I think I am a good student
I’m looking at an email which we got an unspecified number of months ago. It’s a support request from a student at an unnamed university (yahoo.com email address) for help with a CD-ROM packaged with one of our titles.
pleas can u help, i recently bought thr [title omitted] book which comes with an interactive cd-rom, the only thing is that i cannot download the shockwaves player on to my windows xp. could you please contact me on this email with any solutions that you may have. i have an exam on it soon and i would really find it helpfull if i could sort this problem out.
I don’t remember how I responded, but all I can think is, I really hope they can straighten up their email voice before they start applying for jobs.
And, if this is representative of the undergraduate pool, my grad school applications must look really good.
Now Playing: She Cried from Pale by Toad The Wet Sprocket