It took me less than 5 minutes to upgrade 4 blogs that I’m responsible for on the technical end. If you are a Wordpress user who has shell access to your server and you aren’t using subversion to update, then you are just wasting your time.

I have been looking forward to this release for quite some time. The interface is nicer looking on the back end, and threaded comments are available without a plugin. As with any upgrade, please let me know if you experience any issues. I have tested most things on a test site, but there is always the chance something crazy will happen during a release.

That is what I heard from a Microsoft trainer recently. Does anyone have any direct knowledge of whether this is true or not? The problem with any metric like this is that there are so many more variables than just Windows Vista and Windows XP. For example, take a 3-year old Windows XP machine and refresh it with a brand new PC and a fresh operating system and I guarantee help desk calls will go down, at least temporarily.

Here are some possible reasons that Vista may cut down on your help desk calls. Read the rest of this entry »

This is some good stuff. I downloaded the DirecTV2PC beta recently and have been using it to watch recorded shows in other rooms of the house. Read on for a full review with screen shots. Read the rest of this entry »

You heard about it here and elsewhere, plus Microsoft should have been popping up in your system tray asking you to update. Did you do it? If not, now is the time to get on it. Some exploit code has been published, so this typically means that it will not be much longer before people with ill intentions integrate the code into some other type of malicious software.

Clearly this one was not quite as dire as we were led to believe, however it is a good exercise in emergency patch procedure. I recently wrote about having to delay the monthly patches a week due to some high profile visitors and a general sudden paranoia about the safety of patching. The same week I finally pushed patches with WSUS was the week this critical patch was released, so we quickly called for some downtime again with the servers and forced the patch out to all users.

I did some things a long time ago to make such an emergency patch more feasible. The first thing was to lower the interval that desktops check for the patch. Since they are checking with my WSUS server, this ads slightly more network activity, but does not slow down the WAN connection one bit. The default limit is 24 hours and I changed it to 8. This means that so long as I schedule a patch outside of 8 hours of a deadline I can hit every single computer that was turned on. The second thing was an auto-approve rule. I automatically approve every single patch that comes into my WSUS server for a computer group called Not Fully Approved, or NFA that has no computer as member. This forces the patch to immediately begin downloading so that it is immediately ready for distribution when I approve it.

Wordpress is close to releasing version 2.7, and there is never a better time to jump on the Wordpress bandwagon. Some of the best new features are threaded comments, inline editing, comments API, dashboard comment replies, keyboard shortcuts, sticky posts, Automattic plugin install.

I noticed that the dashboard is drag and drop customisable and much more configurable. The idea is to make you more efficient. It looks like plugin installs work the same way plugin updates try to now. Of course, you must enter your username and password in the clear in order to make it work, so that’s not a wonderful solution, but it works. I don’t mind too much because I can connect with a ssh tunnel and tinyproxy, but I would prefer some way to store my real password on the server and use a secondary password such as my blog password to pull that password out and use it for my account.

Check out this page for a video of the demonstration.

Wordpress is the gold standard by which all other web applications will eventually be judged. With these additions and automatic software updating, there is not much left to make it easier for the user. I’m sure they will think of something though.

We just had patch Tuesday last week, so typically today would be the day when all the Windows servers are patched and rebooted. Due to a visit by a dignitary early next week a decision was made by people outside of IT to postpone patching until the following weekend. Is this a legitimate reason to postpone patching? The one legitimate argument is that something could go wrong with the patching and we end up recovering systems into the week. The likelihood of that happening must be pretty small since it has never once happened to us before. I do plenty of patch testing before making the decision to roll out, so there is usually forewarning that something negative is in the air in plenty of time to delay patching for a fix. In addition, many of the machines are virtual which could easily be snapshot before a patch if it were that critical.

On the other hand, patching regularly has kept us from getting any serious virus or worm for over three years. I wouldn’t wish for it because I would have to help in cleanup, but sometimes I wonder what it would be like if such a decision backfired and we got hurt precisely because they tried to avoid it.

I was getting excited about the imminent release of Debian Lenny, but it has been delayed again. There are some 200 outstanding release critical bugs left to squash before it can be released. I appreciate the thoroughness put into Debian releases, which is why I use it myself. Some flavors I’ve used are as follows: Slackware, RedHat, Gentoo, Debian, OpenSUSE, Red Hat Enterprise, SuSE Linux Enterprise Server & Desktop. I’m no Linux zealot, but Linux does have a place in enterprise and small business.

I prefer Debian because it is so thoroughly tested, it’s updates and security patches are simple, and it is the best documented flavor out there. I mainly use Linux in a server environment although I have run it as my primary desktop for many years both at home and work. My professional linux experience includes running several HPC clusters and large crunch machines which process large analysis jobs. At work I am currently centered on SuSE Linux Enterprise Server. The business wants to have paid maintenance even though I’ve never taken advantage of it. Part of the theory is that they may need it if I were ever to leave.

A brief summary of the flavors I have used is as follows. Read the rest of this entry »

To backup Divine!

Good thing I back up my sites every night. Yesterday with one fell swoop I wiped out every one of my MySQL databases, and had to restore from last night’s backup. Fortunately this happened early in the morning and there was little lost. My wife lost some comments and I lost some configuration changes. The comments can’t be replaced, but the configuration changes were easily redone, although I haven’t finished all of them yet.

Read the rest of this entry »

Saw this article over on Engadget where HP thinks that changing the interface on Linux is equivalent to writing an OS. Original article with more details is at Businesweek.

Just want to clarify something here. RedHat is not an operating system. SuSE is not an operating system. Linux is an operating system. BSD is an operating system. Microsoft Windows is an operating system. If I skin Windows and add in some freeware applications it doesn’t make it a new operating system. I think Microsoft would have an issue with that. The only way people get away with saying things like this is that there is no one who controls Linux from a commercial standpoint.

It is intersting that they think they want to undertake the maintenance duties of developing their own flavor of Linux. I think they would be much better served by using SuSE or RedHat, or even Ubuntu. The major PC vendors have displayed many times that they can’t get open source right. In fact, one of the biggest gripes I have with Dell is that they charge more for their hardware if you buy Linux than if you buy Windows, and they don’t offer their higher end hardware with Linux. I’m the kind of person who always wipes a PC clean and reinstalls the operating system after I get a system, so it doesn’t matter much to me whether or not it comes with Linux, but I think there should be some kind of price break for not having to pay for Windows. Unfortunately it seems that the actual value to the big name PC makers is diminished by having Linux on the box. Apparently they get so many kickbacks from Microsoft that they subsidize the hardware. Right.

Anyway, this rant brought to you because an Operating System is different than a Theme and set of installed applications.

Since the other day was talk like a pirate day, I thought I would write about a different kind of pirate - one that uses and trades unlicensed software. When I was in college I always vowed that I would pay for the software that I used once I had a job and the means to afford it, and I have kept with that promise. I understand that there are many people without the means to purchase software, and that piracy can help them get a leg up in their education to be able to afford to purchase that software in the future. I personally don’t want to ever have to go there again. Everything on my computer is either Freeware/GPL or paid for commercial software.

I’m not sure there is a good solution for piracy though, because some people will perpetually steal software with no sense of moral grounding. I was speaking with an individual who is a recent graduate from College who was in my same boat - couldn’t afford the software, but wanted to have it so he could learn how to use it an make himself marketable. He was also of the same mindset, and while he probably isn’t making a super huge salary, he is starting to purchase the software that he previously downloaded and removing the software that he no longer has need of.

On the other hand, I know of a few individuals who make many times my salary yet feel that they shouldn’t have to pay for the software on their computers. I know this because I have cleaned up their computers from some of the garbage that they downloaded that had backdoors and spyware associated with it. I have been asked many times to reload unlicensed versions of Windows, which I refuse to do, and one time I was told by someone I work for to do it for his boss on company time. I don’t want to get started about how many levels deep that ethical issue went.

The system is broken.

Software Copyright holders attempt to use activation procedures to protect their content, however this is like putting a lock on a screened-in porch door. It only keeps the good people out. Media copyright holders such as the RIAA and MPAA are attempting to go after those who share their content, however this misses the people with hard drives full of movies and music who are collectors. They seem to target the small players too - individuals who have an album or two on a share because they installed some software and didn’t read enough to realize that they were going to be sharing the music on their computers with the world. Broken enforcement.

Software and media needs to be priced at a reasonable level for its utility. The average home user probably rarely uses their office package, so charging $600 is unreasonable. The average web developer who is handed some psd files is probably going to use photoshop all of ten minutes to modify those files and convert them into something he can use. Is that worth $700? I can’t justify spending $700 for photoshop, so I use the GIMP, which is more than adequate to fill my needs. On the other hand, a graphics artist who uses Photoshop for 7 hours a day to make his livlihood should be paying that much for the software. As a computer geek I would prefer to use Photoshop so that I could help those graphics designers when they run into problems, but again that’s not worth $700 to me so that I can hand out free advice to people. Broken cost.

The solution is not easy.

The solution is multi-faceted and must be targeted specifically at the broken issues in the system currently. First of all, activation either doesn’t go far enough or goes too far. When transferring software from one computer to another becomes illegal, or requires repurchasing, that takes activation too far. Activation procedures are also too easy to break. Within hours of a commercial software package’s launch, someone will have figured out how to crack or bypass the activation and those who look for the means to get around it will be able to find it. Again, the good guy suffers here.

For software licensing, I propose a system similar to FlexLM where a user has to check out a key and remain in constant contact with the license server or the software will cease to function. For offline use a key could be checked out for a duration of time just like in FlexLM. Now why should we submit to such a model? Pay per usage. If an application such as Microsoft Office cost $0.50/day to use it, just for example, then I would have it installed on my Wife’s computer instead of Open Office. She uses the software once or twice a week, and ~$52/year is easier to swallow than paying retail prices. Continually updated software is another reason. In such a licensing model, users could always download the latest version of the software and not be stuck in an older version. It breaks down the barrier to entry for most people for a software package like Office. For $0.10/hour I would also have the more powerful Photoshop installed on my computer instead of GIMP. Pricing could then easily be tiered based on commercial or non-commercial use, and upon support levels.

The second part of the solution is enforcement. Instead of targeting the small time sharers such as the MPAA does, they need to target the big-time criminals who are actively cracking and making this software and media available for general use. An end user shouldn’t have to fear that their copy of software might not be genuine and that their list of MP3s downloaded and paid for from Amazon might become a target of the RIAA if they get some kind of malware on their computer that decides to start sharing those to the world.

The third part of the solutin is reporting. I know some of the software alliances have reporting tools on their websites, and I have actually visited them in the past in an attempt to report a violation. The last time I did so, the form was so complex and required so much information that I was not willing to put my own self on the line to report someone else’s infraction. For example, how do I report my boss’s boss, etc. Where are the anonymous tip lines. They didn’t exist backt hen, but today I did find one site that has this, but I don’t know how effective reporting will be.

That’s my solution in a nutshell. Not really much to it - mainly an enforcable and practical subscription model, reasonable prices to remove impetus for theft, and appropriate enforcement. There are a few holes I haven’t covered, but feel free to point them out.