Apr 172021
 

Yesterday it was hardware, today it was software.

An e-mail that I sent to a bell.ca address was rejected.

Perhaps I am mistaken but I believe that these Bell/Sympatico mailboxes are managed, handled by Yahoo!. And Yahoo! occasionally made my life difficult by either rejecting mail from my server or dropping it in the recipient’s spam folder. I tried to contact them once, but it was hopeless. Never mind that my domain, vttoth.com, is actually a few months older (July 1, 1994 as opposed to January 18, 1995) than Yahoo!’s and has been continuously owned by a single owner. Never mind that my domain was never used to send spam. Never mind that I get plenty of spam from Yahoo! accounts.

Of course you can’t fight city hall. One thing I can do, instead, is to implement one of the protocols Yahoo wants, the DKIM protocol, to authenticate outgoing e-mail, improving its chances of getting accepted.

But setting it up was a bloody nuisance. So many little traps! In the end, I succeeded, but not before resorting to some rather colorful language.

This little tutorial proved immensely helpful, so helpful in fact that I am going to save its contents, just in case:

https://www.web-workers.ch/index.php/2019/10/21/how-to-configure-dkim-spf-dmarc-on-sendmail-for-multiple-domains-on-centos-7/

Very well. It is time to return to more glamorous activities. It’s not like I don’t have things to do.

 Posted by at 2:57 pm
Apr 162021
 

Working from my home office and running my own equipment (including server equipment) here means that I have some rather mundane tasks to perform. As a one-man band, I am my own IT support, and that includes software, as well as hardware.

The less glamorous part of software support is installing updates and patches, resolving driver conflicts, keeping external equipment such as routers and network switches up to date.

The less glamorous part of hardware support? Mostly it involves dust. Ginormous dust bunnies, that is.

Ever heard of the expression, “rat’s nest”? It is sometimes used to describe the tangle of cables and wires that hide behind a computer. Now imagine a computer to which several USB hubs, ten external hard drives and additional equipment are connected, most of which have their own power supply. Yes, it’s ugly. Especially if those little power bricks are plugged into a haphazardly assembled multitude of cheap power strips.

And dust collects everywhere. Thick, ugly dust, made of human dandruff, cat dandruff, hair (human and cat), fluff from clothing, crumbs from many past meals. Normally, you would just vacuum up this stuff, but you don’t want to disturb the rat’s nest. Plugs can come lose. You might lose data. And even if you don’t, simply finding the plug that came lose can be a royal pain in the proverbial.

Long story short, I’ve had enough. The other day, I ordered the longest power strip I could find on Amazon, with 24 outlets, complete with mounting brackets. And yesterday, I managed to affix it to the underside of my main desk.

Which means that yesterday and today, working my way through the list one piece of equipment at a time, I managed to move all power plugs to this new power strip. As it hangs from the underside of my desk, it’s most importantly not on the floor. So the floor can be (gasp!) cleaned.

And now I even have room to access my workstation’s side panels, if need be. One of these days, I might even be able to vacuum its back, removing years’ worth of dust from its fan grids. But for now, I contend myself with the knowledge that I freed up four (!) cheap power strips, a three-outlet extension cable, and a three-outlet plug, all of which were fully in use. What a liberating feeling.

Having spent a fair amount of time today on all fours under my desk, however, did prompt me to mutter, “I am too old for this,” several times this afternoon… especially as I still feel a bit under the weather, an unpleasant aftereffect, no doubt, of the COVID-19 vaccine I received yesterday.

 Posted by at 10:33 pm
Mar 162021
 

Somebody just reminded me: Back in 1982-83 a friend of mine and I had an idea and I even spent some time building a simple simulator of it in PASCAL. (This was back in the days when a 699-line piece of PASCAL code was a huuuuge program!)

So it went like this: Operative memory (RAM) and processor are separate entities in a conventional computer. This means that before a computer can do anything, it needs to fetch data from RAM, then after it’s done with that data, it needs to put it back into RAM. The processor can only hold a small amount of data in its internal registers.

This remains true even today; sure, modern processors have a lot of on-chip cache but conceptually, it is still separate RAM, it’s just very fast memory that is also physically closer to the processor core, requiring less time to fetch or store data.

But what if we abandon this concept and do away with the processor altogether? What if instead we make the bytes themselves “smart”?

That is to say what if, instead of dumb storage elements that can only be used to store data, we have active storage elements that are minimalist processors themselves, capable of performing simple operations but, much more importantly, capable of sending data to any other storage element in the system?

The massive number of required interconnection between storage elements may appear like a show-stopper but here, we can borrow a century-old concept from telephony: the switch. Instead of sending data directly, how about having a crossbar-like interconnect? Its capacity will be finite, of course, but that would work fine so long as most storage elements are not trying to send data at the same time. And possibly (though it can induce a performance penalty) we could have a hierarchical system: again, that’s the way large telephone networks function, with local switches serving smaller geographic areas but interconnected into a regional, national, or nowadays global telephone network.

Well, that was almost 40 years ago. It was a fun idea to explore in software even though we never knew how it might be implemented in hardware. One lesson I learned is that programming such a manifestly parallel computer is very difficult. Instead of thinking about a sequence of operations, you have to think about a sequence of states for the system as a whole. Perhaps this, more than any technical issue, is the real show-stopper; sure, programming can be automated using appropriate tools, compilers and whatnot, but that just might negate any efficiency such a parallel architecture may offer.

Then again, similar ideas have resurfaced in the decades since, sometimes on the network level as massively parallel networks of computers are used in place of conventional supercomputers.


Gotta love the Y2K bug in the header, by the way. Except that it isn’t. Rather, it’s an implementation difference: I believe the PDP-11 PASCAL that we were using represented a date in the format dd-mm-yyyy, as opposed to dd-MMM-yyyy that is used by this modern Pascal-to-C translator. As I only allocated 10 characters to hold the date in my original code, the final digit is omitted. As for the letters "H J" that appear on top, that was just the VT-100 escape sequence to clear the screen, but with the high bit set on ESC for some reason. I am sure it made sense on the terminals that we were using back in 1982, but xterm just prints the characters.

 Posted by at 12:54 pm
Nov 192020
 

In recent years, I saw myself mostly as a “centrist liberal”: one who may lean conservative on matters of the economy and state power, but who firmly (very firmly) believes in basic human rights and basic human decency. One who wishes to live in a post-racial society in which your ethnicity or the color of your skin matter no more than the color of your eyes or your hairstyle. A society in which you are judged by the strength of your character. A society in which consenting, loving adults can form families regardless of their gender or sexual orientation. A society that treats heterosexuals and non-heterosexuals alike, without prejudice, without shaming, without rejection. A society in which covert racism no longer affords me “white privilege” while creating invisible barriers to those who come from a different ethnic background.

But then, I read that one of the pressing issues of the day is… the elimination of terms such as “master/slave” or “blacklist/whitelist” from the technical literature and from millions upon millions of lines of software code.

Say what again?

I mean… not too long ago, this was satire. Not too long ago, we laughed when overzealous censors (or was it misguided software?) changed “black-and-white” into “African-American-and-white”. Never did I think that one day, reality catches up with this Monty Pythonesque insanity.

It is one thing to fight for a post-racial society with gender equality. For a society in which homosexuals, transsexuals and others feel fully appreciated as human beings, just like their conventionally heterosexual neighbors. For a society free of overt or covert discrimination.

It is another thing to seek offense where none was intended. To misappropriate terms that, in the technical literature, NEVER MEANT what you suggest they mean. And then, to top it all off, to intimidate people who do not sing exactly the same song as the politically correct choir.

No, I do not claim the right, the privilege, to tell you what terms you should or should not find offensive. I am simply calling you out on this BS. You know that there is/was nothing racist about blacklisting a spammer’s e-mail address or arranging a pair of flip-flops (the electronic components, not the footwear) in a master/slave circuit. But you are purposefully searching for the use of words like “black” or “slave”, in any context, just to fuel this phony outrage. Enough already!

Do you truly want to fight real racism? Racism that harms people every day, that prevents talented young people from reaching their full potential, racism that still shortens lives and makes lives unduly miserable? Racial discrimination remains real in many parts of the world, including North America. Look no further than indigenous communities here in Canada, or urban ghettos or Native American villages in the United States. And elsewhere in the world? The treatment of the Uyghurs in China, the treatment of many ethnic minorities in Russia, human rights abuses throughout Africa and Asia, rising nationalism and xenophobia in Europe.

But instead of fighting to make the world a better place for those who really are in need, you occupy yourselves with this made-up nonsense. And as a result, you achieve the exact opposite of what you purportedly intend. Do you know why? Well, part of the reason is that decent, well-meaning people in democratic countries now vote against “progressives” because they are fed up with your thought police.

No, I do not wish to offer excuses for the real racists, the bona fide xenophobes, the closet nazis and others who enthusiastically support Trump or other wannabe autocrats elsewhere in the world. But surely, you don’t believe that over 70 million Americans who voted for Donald J. Trump 17 days ago are racist, xenophobic closet nazis?

Because if that’s what you believe, you are no better than the real racists, real xenophobes and real closet nazis. Your view of your fellow citizens is a distorted caricature, a hateful stereotype.

No, many of those who voted for Trump; many of those who voted for Biden but denied Democrats their Senate majority; many of those who voted for Biden but voted Democratic congresspeople out of the US Congress: They did so, in part, because you went too far. You are no longer solving problems. You are creating problems where none exist. Worse yet, through “cancel culture” you are trying to silence your critics.

But perhaps this is exactly what you want. Perpetuate the problem instead of solving it. For what would happen to you in a post-racial society with gender equality and full (and fully respected) LGBTQ rights? You would fade back into obscurity. You’d have to find a real job somewhere. You would no longer be able to present yourself as a respected, progressive “community leader”.

Oh, no, we can’t have that! You are a champion of human rights! You are fighting a neverending fight against white supremacism, white privilege, racism and all that! How dare I question the purity of your heart, your intent?

So you do your darnedest best to create conflict where none exists. There is no better example of this than the emergence of the word “cis” as a pejorative term describing… me, among other people, a heterosexual, white, middle-class male, especially one who happens to have an opinion and is unwilling to hide it. Exactly how you are making the world a better place by “repurposing” a word in this manner even as you fight against long-established terminology in the technical literature that you perceive as racist is beyond me. But I have had enough of this nonsense.

 Posted by at 10:46 pm
Nov 112020
 

Did Microsoft just offer me a 14-year old driver as a new update for Windows 10? Oh yes, they did!

But that’s okay… why fix something if it is not broken? Though I do wonder, if it is indeed a 14-year old driver, why was it not part of Windows 10 already? But never mind.

On the plus side, last night Windows 10 performed a feature upgrade along with security updates, and the whole upgrade process finished in well under half an hour; the reboot and installation phase only took a few minutes and so far, as far as I can tell, nothing is broken. Nice.

 Posted by at 12:36 pm
Oct 092020
 

So I try to start a piece of software that accesses a classic serial port.

The software locks up. The process becomes unkillable. Because, you know… because. Microsoft has not yet discovered kill -9 I guess.

(Yes, I know that unkillable zombie processes exist under Linux/UNIX, too. But in the past 25 years, I remember exactly one (1) occasion when a Linux process was truly unkillable, hung in a privileged kernel call, and actually required a reboot with no workaround. On Linux, this is considered a bug, not a feature. In contrast, on Windows this is a regular occurrence. Then again, on Linux I have fine-grained control and I can update pretty much everything other than the kernel binary, without ever having to reboot.)

Ok-kay… this means Windows has to be restarted. Fine. At least let me check if there are any Windows updates. Oops… error, because an “update service is shutting down” or whatever.

Oh well, let’s restart. The browser (Edge) will remember my previously opened tabs, right?

After restart, another program tells me that it has an update. Clicking on the update button opens the browser with the download link. Fine. Just checking, in the browser history all my previously opened tabs (lots of them) are still there. Good.

Meanwhile, Windows Update does come to life and tells me that I need to restart my system. Couldn’t you freaking tell me this BEFORE I restarted?

Oh well, might as well… restart #2.

After restart, let’s open the browser. History… and all my previously opened tabs are gone. The only thing the bloody browser remembers is the single tab that contained the download link for that application.

@!##%@#!@. And @#$$!@#$@!$. And all their relatives, too. Live or deceased. And any related deities.

Oh well, let’s restore the bleeping tabs manually; fortunately, I also had most of them opened in Chrome, so I could reopen them, one by one, in Edge. (Maybe there’s a more efficient way of doing this, but I wasn’t going to research that.)

Meanwhile, I also restarted Visual Studio 2019. It told me that it had an update. Having learned from previous experience, I shut down a specific service that was known to interfere with the update. It proved insufficient. When Visual Studio was done updating, it told me that “only one thing” remains: a teeny weeny inconsequential thing, ANOTHER BLOODY RESTART.

Because, ladies and gentlemen, in the fine year of 2020, the great software company Microsoft has not yet found a way to UPDATE A BLEEPING APPLICATION without restarting the WHOLE BLEEPING WORLD. Or at the very least do me a bleeping failure and warn IN ADVANCE that the update may require a restart.

My favorite coffee mug survived, but only just barely. I almost smashed it against the wall.

So here we go… restart #3.

It was nearly two hours ago that I innocently tried to turn on that program that required access to the serial port. Since then, I probably aged a few years, increased my chances of a stroke and other illnesses related to high pressure, barked at my beautiful wife and my cats, almost smashed my favorite mug, lost several browser tabs but also my history in some xterm windows, and other than that, accomplished ABSOLUTELY NOTHING.

Thanks for nothing, Microsoft.

And I actually like Microsoft. Imagine what I’d be saying if I hated them.

 Posted by at 1:18 pm
Aug 162020
 

Moments ago, as I was about to close Microsoft Visio after editing a drawing, I was confronted with the following question:

Do you want to save earth?

Needless to say, I felt morally obliged to click Save.

In case you are wondering, yes, the file was indeed named earth.vsdx.

 Posted by at 10:32 pm
Aug 022020
 

For years now, Microsoft’s support site, answers.microsoft.com, has been annoying the hell out of me.

It’s not that they aren’t trying. Their intentions are, well… how does the saying go about the road to hell?

Take today, for instance, when Windows Update gave me an error message that I have never seen before: “We could not complete the install because an update service was shutting down”. What the bleep? Why causes this? How do I fix it?

A quick Google search led me to the aforementioned Microsoft support site. I was, of course, hoping to see a solution there.

A volunteer moderator offers a marginally useful reply: Check if the Windows Update service is set to automatic, and/or try to manually install the update in question.

An independent advisor asks what version of Windows caused the issue.

Another independent advisor, who sounds like a bot, advises several methods: 1) run the Windows Update troubleshooter, 2) download the latest service pack manually, 3) download the latest updates manually, 4) fix file corruption, or 5) in-place upgrade Windows from a DVD.

Needless to say, I wasn’t planning to run manual updates or reinstall Windows. I was simply hoping to see if perhaps there was an explanation of what might have caused this error and any specific recommendations, before taking the one obvious step that was not mentioned by any of the responders: open the Task Manager, click the Services tab, right-click the Windows Update service (wuauserv) and click Restart.

Why is it so hard to, you know, refrain from answering a question unless you actually know the bleeping answer?

Reminds me of why I never really liked unmoderated Usenet newsgroups. At least on answers.microsoft.com, you don’t get answers like “what kind of an idiot still uses Windows” or “you must be a fool, installing updates”.

 Posted by at 7:21 pm
Jul 162020
 

I met Gabor David back in 1982 when I became a member of the team we informally named F451 (inspired by Ray Bradbury of course.) Gabor was a close friend of Ferenc Szatmari. Together, they played an instrumental role in establishing a business relationship between the Hungarian firm Novotrade and its British partner, Andromeda, developing game programs for the Commodore 64.

In the months and years that followed, we spent a lot of time working together. I was proud to enjoy Gabor’s friendship. He was very knowledgeable, and also very committed to our success. We had some stressful times, to be sure, but also a lot of fun, frantic days (and many nights!) spent working together.

I remember Gabor’s deep, loud voice, with a slight speech impediment, a mild case of rhotacism. His face, too, I can recall with almost movie like quality.

He loved coffee more than I thought possible. He once dropped by at my place, not long after I managed to destroy my coffee maker, a stovetop espresso that I accidentally left on the stove for a good half hour. Gabor entered with the words, “Kids, do you have any coffee?” I tried to explain to him that the devil’s brew in that carafe was a bitter, undrinkable (and likely unhealthy) blend of burnt coffee and burnt rubber, but to no avail: he gulped it down like it was nectar.

After I left Hungary in 1986, we remained in sporadic contact. In fact, Gabor helped me with a small loan during my initial few weeks on Austria; for this, I was very grateful.

When I first visited Hungary as a newly minted Canadian citizen, after the collapse of communism there, Gabor was one of the few close friends that I sought out. I was hugely impressed. Gabor was now heading a company called Banknet, an international joint venture bringing business grade satellite-based Internet service to the country.

When our friend Ferenc was diagnosed with lung cancer, Gabor was distraught. He tried to help Feri with financing an unconventional treatment not covered by insurance. I pitched in, too. It was not enough to save Feri’s life: he passed away shortly thereafter, a loss I still feel more than two decades later.

My last conversation with Gabor was distressing. I don’t really remember the details, but I did learn that he suffered a stroke, and that he was worried that he would be placed under some form of guardianship. Soon thereafter, I lost touch; his phone number, as I recall, was disconnected and Gabor vanished.

Every so often, I looked for him on the Internet, on social media, but to no avail. His name is not uncommon, and moreover, as his last name also doubles as a first name for many, searches bring up far too many false positives. But last night, it occurred to me to search for his name and his original profession: “Dávid Gábor” “matematikus” (mathematician).

Jackpot, if it can be called that. One of the first hits that came up was a page from Hungary’s John von Neumann Computer Society, their information technology history forum, to be specific: a short biography of Gabor, together with his picture.

And from this page I learned that Gabor passed away almost six years ago, on November 10, 2014, at the age of 72.

Well… at least I now know. It has been a privilege knowing you, Gabor, and being able to count you among my friends. I learned a lot from you, and I cherish all those times that we spent working together.

 Posted by at 2:04 pm
Jul 052020
 

A few hours ago, my phone rang and my friend David told me the sad news: His father, Peter Ada-Winter passed away*.

I’ve known Peter since the late 1970s. He was an educator who played a pioneering role in the introduction of computer programming and computer science into the Hungarian school curriculum.

Peter was a true scholar. His home, a cramped apartment in Budapest’s historic Castle District, was full of books. The walls were lined with tall bookshelves. His large desk was also covered with teetering piles of textbooks, newspapers, and computer printouts.

Peter was the son of Ernő Winter, engineer, physicist and inventor, a towering figure in the early development of vacuum tube technology in the 1920s.

Born in 1923, Peter survived the Holocaust that wiped much of his extended family off the face of the Earth.

He was in his mid-40s when, in 1968, he was asked to organize a regular computer programming course for high school students in the same high school where I studied a decade later.

I met Peter when I became friends with his son David in high school. I always looked up to him. I learned quite a few things from him. Not just technical matters, basic human values as well.

Peter’s interest in information technology never diminished. In the mid-1980s, together with his son David they published a book on the 8-bit ZX Spectrum microcomputer. In the 1990s and early 2000s, despite his advancing age, Peter became well acquainted with the Internet; surfing the Web for news became part of his daily life.

Even after he passed 90, Peter remained in good health and mentally active. Only in the last few years did his health begin to gradually decline. Nonetheless, David remained hopeful that they would be able to celebrate Peter’s 100th birthday in 2023 with a ginormous birthday cake. These hopes were squashed by the news David received today.

Though I share David’s sense of grief, I reminded him that instead of grieving, we should remember the long, productive life of a very good man. Someone that I feel privileged to have known.


*No, not a COVID-19 statistic. Simply old age.

 Posted by at 10:04 pm
Feb 262020
 

The United States had Grace Hopper: A diminutive, elderly lady with a stern look on her face, uncannily wearing a rear admiral’s dress uniform as the oldest active-duty commissioned officer in the United States Navy, even as she earned the nickname Grandma COBOL, for her role in the development of one of the oldest computer programming languages still in use today.

But there was another female computer scientist with a career just as defining and just as fascinating as that of Rear Admiral Hopper: Xia Peisu, sometimes known as China’s mother of computer science.

Xia Peisu in 1946

Xia Peisu in 1946

I learned about Xia Peisu just now, from a BBC News online article. What an amazing life! I am especially fascinated by Chinese scientists and engineers who never gave up, who continued to work for the benefit of their country even through the indignities of the Cultural Revolution and other political upheavals.

Dr. Xia lived a long life: she passed away in 2014, at the age of 91. She lived to see the modern, interconnected world with computers everywhere. She also lived to see computers as means of oppression and surveillance in the hands of police and totalitarian regimes, China among them. I would have loved to know what she thought of it all.

 Posted by at 11:26 pm
Sep 162019
 

Very well, I’ve been had. I lost all my bitcoin savings.

Don’t worry, it was not much. Approximately 0.0113 bitcoins. Just over a hundred US dollars at current exchange rates. And it’s not like I didn’t know from the onset that something fishy was going on. Of course I was not planning to hand over my hundred bucks to a scam artist, but I figured the learning experience was worth the risk. I had no idea how things would play out, except for one thing: I knew I was not going to get richer, but my risk was limited to my meager bitcoin holdings.

Here is how it began. I became acquainted with an Neale H. Spark* on Quora. At first, we exchanged some private messages, in part about some of the answers I wrote. But soon, he started talking about the business he is in, cryptocurrency. He seemed legit: I looked him up. A cryptocurrency expert, member of a listed cryptocurrency company’s advisory board. He asked if I wanted to invest some bitcoins into cloud mining, because supposedly, I can make “8% a day”.

OK, red flags are up. Nobody, and I mean nobody, is paying you 8% daily interest. That this was a scam, of that I had no doubt, but I just couldn’t resist: I had to understand how the scheme worked.

It so happened that I actually had some bitcoins, those 0.0113 BTC, in a bitcoin wallet. So what the heck… let’s play along.

As soon as I agreed to become his victim (not that he called me that, mind you), this Mr. Spark kindly set up a “mining enabled” bitcoin account for me at blockchain.com. He provided me with all necessary details and soon enough, I was able to manage the account. I then transferred my bitcoin holdings from my other wallet to this one.

And within 24 hours, I received about 0.0008 bitcoins. And again, 24, 48, 72 hours later. I was told by Mr. Spark that this money is not completely free money: that there will be a “mining fee”, which sounded odd because how can they charge any fee to my bitcoin account? But you know what, let’s see what happens. Indeed, after about a week of regular, daily payments, four days ago I actually got charged about 0.0008 bitcoins. But the payments continued: after two more payments, my bitcoin holdings were getting close to double my initial investment.

Meanwhile, Mr. Spark called me several times on the phone. It was always a bad connection, suggesting to me that he was using a VoIP phone, but for what it’s worth, his calls came from a California number consistent with his place of residence. He was advising me that I should invest a lot more; that investors who put in a full bitcoin or more (that would be $10,000 US) are doing much better. I told him that I’d think about it. He asked when I might make my decision. I said he’d be the first to know. He did not sound happy.

Indeed, the phone calls stopped and for the past two days, I received no e-mail notification of payments in my bitcoin wallet either. So earlier today, I went to check the wallet, and whoops: all my bitcoins are gone. The wallet has been zeroed out two days ago.

I sent this Mr. Spark a Quora message but I am not expecting a reply. On the other hand, I think I can reconstruct what actually happened, so my bitcoins were, after all, well spent: I did learn some intriguing details.

For starters, I am pretty certain that the Quora account doesn’t actually belong to the real Neale H. Spark. I tried to find information online about Mr. Spark but I was unable to locate a valid e-mail address or social media account. The person is undoubtedly real, mentioned in a 201█ press release by G█████ T███████████ as a newly minted member of their advisory board. But Mr. Spark seems like a rather private person with little visible online presence.

The Quora account was only created about a month ago. It has very low activity.

The aggressive sales tactics seemed odd from a noted expert, and represented another indication of fraud. But how exactly was the fraud committed?

Here is how. It all started when “Mr. Spark” kindly set up that “mining-enabled” Bitcoin wallet for me on blockchain.com. I knew something was not kosher (what exactly is a “mining enabled” account, pray tell?) but in my ignorance of the technical details of cryptocurrency wallets, I could not quite put my finger on it. When I received the account info, everything checked out and I was able to secure the account, restricting transactions with two-factor authentication and even by IP address.

However, unbeknownst to me, “Mr. Spark” must have copied down the blockchain.com wallet backup phrase: twelve words. The company warns me: Anyone with access to my backup phrase can access my funds. What I didn’t know is that the backup phrase can be used anywhere. They need not access the wallet through blockchain.com; with the appropriate cryptocurrency software, they can recreate the wallet and empty it.

Which means that my entire blockchain.com wallet was compromised from the onset. Never mind the steps that I took, setting up two-factor authentication and all… It was never really my wallet to begin with.

The big warning sign was when the crook first processed a “mining fee”. I did not understand the details, but I knew that something was wrong. No third party can take money from your bitcoin wallet, “mining enabled” or otherwise. Yet at the same time, I continued to receive small payments, so I was still waiting for the other shoe to drop.

I guess eventually “Mr. Spark” decided that I am unlikely to invest more into his scheme, but more likely, I was not his only or biggest victim. You don’t set up an elaborate scam like this, with a fake social media account, fake phone number and all to just steal a hundred bucks from someone. (That would be a less effective, and certainly more risky, way of making money than working at minimum wage.)

There is the usual, “if it’s too good to be true” lesson here: Nobody is going to pay you 8% interest a day. OK, I knew that. I also knew that cloud mining is a very risky proposition, the returns are not spectacular and fraud is rampant. I didn’t have to spend a hundred bucks to learn this.

But there is also a valuable technical lesson. I had zero experience with cryptocurrency wallets in the past, and thus I did not realize that anyone setting up the wallet basically has a permanent, irrevocable key to that wallet. And when a sum, however small, goes missing from your bitcoin wallet, it is a guaranteed indicator that the wallet is compromised.

There is also another other thing that I did not realize until today. Namely that the Spark account on Quora is almost certainly a fake, an impersonation. In fact, it was not until I actually asked myself, “how can this chap commit such fraud under his own name?” that I came up instantly with the obvious answer: he didn’t. Rather, a scamster used the name and credentials of a respectable but social media shy expert to set up shop and rip off his victims. That I did not think of this possibility earlier is a consequence of my prejudice. I had very low expectations to begin with, when it comes to people in the speculative cryptocurrency business. So neither the cheap VoIP line nor the pushy behavior raised additional red flags: I was wondering what scam the real Neale Spark was dragging me into, I did not expect to be dealing with an impostor.


*Name altered to protect the privacy and reputation of the person who was impersonated.

 Posted by at 7:49 pm
Sep 132019
 

My favorite cartoons are Kliban’s cats, but the Dilbert comic strips represent a close second.

Today’s Dilbert offers a perfect demonstration why.

I could actually be the consultant that Dilbert’s pointy-haired boss is looking for. Over the years, I learned one very important thing about this business: As a consultant, my job is to offer my best advice to my customer, but then whatever decision they make, it’s theirs to make, not mine. My job is to continue supporting them to the best of my abilities.

In my career, I have seen customers make bad decisions that destroyed their projects. I offered my advice. When it was ignored, I did not take it personally. Neither that nor judging the customer are part of my job description. That is not to say that I do not feel regret, or that I did not often second-guess myself: Could I have offered better advice? Could I have been more convincing? Why was my advice not accepted?

But judging? Nope. That would be rather unprofessional.

 Posted by at 12:02 am
Aug 212019
 

I am reading an article in The Register about a major Internet outage that occurred last December, when a handful of rogue packets managed to clog up a backbone network for more than a day and a half, blocking even VoIP 911 calls.

There are two rather frightening aspects of this fiasco. Both rather horrifying, as a matter of fact.

First, that in this day and age, in late 2018, a backbone service provider can still be brought to its knees by something as simple as a malformed packet. What on Earth are you doing, people? Have you heard of penetration testing? Fault tree analysis? Auditing your equipment and system software? Or have these essential steps been dropped just so that you can report some cost savings to your shareholders?

But it really is the second point that I find particularly upsetting. To quote, “the nodes along the fiber network were so flooded, they could not be reached by their administrators”.

Say what? Are you telling me that you had no alternate means to access your nodes? Like, you know, something as crude and simple as a dial-up port with a command-line based management interface? I mean, this is something even my little home office network used to have, and when I dropped it last year, reacting to rising landline costs and the fact that I no longer used that data/Fax phone line at all, I did so because I have dual network connections. To learn that a major backbone provider doesn’t have the kind of redundancy that I take for granted for my own little network is disconcerting, to say the least.

I suppose I should stop rambling now, though. Truth to tell, I am ignorant as to how CenturyLink’s actual network is configured, and I certainly never managed a fiber optic backbone network. I am simply reacting to the main points of The Register‘s article even though I cannot independently confirm its veracity. In my defense, The Register‘s articles tend to be well written and accurate. Even so, criticizing from a position of ignorance is never a smart thing to do.

Nonetheless, if The Register is correct, this really is not how a transcontinental data network should be configured and managed. This also seems to be the FCC’s conclusion.

 Posted by at 5:04 pm
Jun 132019
 

The news this morning is that former PM Jean Chrétien suggested that Canada should stop the extradition proceedings against Huawei CFO Meng Wanzhou, as a means to win back the freedom of the two Canadian hostages in China, Michael Kovrig and Michael Spavor. (Yes, I called them hostages.)

The case against Huawei runs a lot deeper, however, than the financial fraud Ms. Meng is alleged by US authorities to have committed.

There is also the question of espionage, including the possibility that Huawei’s 5G equipment cannot be trusted because of firmware or hardware level backdoors.

I repeatedly encountered the suggestion that this issue can be trivially remedied by using end-to-end encryption. Unfortunately, end-to-end encryption, even if properly implemented (ignoring for the moment our own Western governments’ recurrent pleas to have built-in backdoors in any such encryption algorithms), solves only part of the problem.

It still allows Huawei to steal metadata, such as where calls are routed or the amount and nature of data traffic between specific endpoints. Worse yet, no encryption prevents Huawei from potentially sabotaging the network when called upon to do so by the Chinese government.

For this reason, I reluctantly came to the conclusion that the US ban against Huawei is justified and appropriate. It must, of course, be accompanied by a suitable increase in spending on researching 5G communications technologies, because otherwise, we risk shooting ourselves in the foot by banning the use of equipment that is technologically superior to the available alternatives. This is a new situation for the West: The last time the West faced a great power adversary that matched Western scientific and technological capabilities was in the 1930s, with Nazi Germany.

As for Ms. Meng, I think the suggestion to suspend the extradition process is wholly inappropriate. It would signal to the world that Canada is willing to suspend the rule of law for the sake of hostages. However strongly I feel about Messrs. Kovrig and Spavor, however strongly I desire to see them released, this is not a price Canada should be willing to pay.

 Posted by at 5:56 pm
Mar 302019
 

Content management software that I use, Joomla! and WordPress in particular, have been complaining for a while now that the PHP version that runs on my servers is outdated and potentially unsecure. Not exactly true, as PHP 5.4 remains part of the official Red Hat/CentOS release, but it would certainly be prudent for me to attempt an upgrade.

I tried to do just that last night, on a test server. And it was a miserable failure, a waste of many hours that I will never get back, to make no mention of the heightened risk of cardiovascular disease due to my elevated blood pressure caused by all that frustration.

The relatively easy part? PHP 7 complaining that its just-in-time compilation feature ran out of memory. Easy-peasy, I can disable JIT. Check.

But then: several of my Joomla! sites refused to run, with a cryptic and ultimately meaningless error message and nothing in the logs. And at least one Joomla! site just got itself into an infinite redirect loop. But why?

I tried many things. I kept looking for answers on Google. Nothing worked. Eventually I took two of my Joomla! sites that are very similar in nature, and began comparing their settings, side-by-side. One worked, the other didn’t. Why?

I then stumbled upon a custom Joomla! module, one that I wrote to support some ads that appear on my sites. This module was installed on the site that failed, but not used on the other. I disabled the module and, presto, the site was working with PHP 7. I re-enabled the module and the site was dead again. So… why?

Well, the module contains some PHP code. Which, after some preamble that allows it to connect to the internal data structures of Joomla!, begins the real work by accessing the MySQL database that contains the actual ads:

$conn = mysql_connect("localhost");
mysql_select_db("www");
$res = mysql_query("SELECT PAGEID,ADTEXT FROM ...

Oops.

You see, mysql_ calls have been deprecated and REMOVED from PHP starting with version 7.

And I have hundreds, if not thousands of lines of legacy code* (including, e.g., my calculator museum at rskey.org) that rely on this old library.

So I guess that PHP 7 upgrade will have to wait a while longer. Looks like I have no choice but to rewrite the affected pieces of code everywhere, as there is no other long-term solution. (Even if I find a third-party PHP plugin that re-enables mysql_ codes, how long will that continue to work? How reliable will it be?)

What a muckup. Grumble. And I do have other work to do.

 Posted by at 10:40 am
Mar 282019
 

Even as Facebook is battling white supremacism and fighting accusations of racial profiling, there is more nonsense going on.

In the past few days, I received several Facebook requests from accounts purportedly owned by young women, whose profiles contain sexually explicit, rather pornographic images and videos.

Here is one of the mildest ones (the majority of the images in this and other accounts from which I received friend requests were far, far more explicit in nature, including images depicting intercourse):

I do not wish to be a prude here; I am, after all, a middle aged male in relatively good health, and certainly not immune to, ahem, shall we say, visually stimulating images (though I admit I was never a fan of hard-core pornography. Not my cup of tea.)

But these Facebook accounts are obviously not accounts owned by bona fide young women trying to seduce older, happily married males like myself. They are probably overweight middle-aged male scam artists doing their shady business from their parents’ basements. Or worse yet, organized crime operating out of shady boiler rooms somewhere in Eastern Europe or Asia.

Thanks but no thanks. I have presently no desire to break my marital vow, but even if I did, there are better, safer ways.

As for these friend requests, I just block them and report the accounts to Facebook.

 Posted by at 2:08 pm
Mar 252019
 

The other day, I started listening to Google Music’s personalized music stream.

I am suitably impressed. The AI is… uncanny.

Sure, it picked songs that I expressed a preference for, such as songs from the golden age of radio that I happen to enjoy. But as I continue listening, it is presenting an increasingly eclectic, enjoyable selection. Some of it is quite new, from artists I never heard about, yet… it’s music I like. For some reason (maybe because I am in Canada? Or because it knows that I am trying to improve my French? Or was it a preference I once expressed for Édith Piaf?) it started presenting a whole bunch of French music, and again… some of it is quite likable. And now that I purposefully sought out a few classical composers, the AI realized that it can throw classical pieces at me as well, which is how I am suddenly listening to Schubert’s Ave Maria.

As a matter of fact, the eclectic choices made by Google’s AI remind me of two radio programs from the CBC’s past, long gone, long forgotten by most: Juergen Goth’s Disc Drive and Laurie Brown’s The Signal. Both these shows introduced me to music from excellent artists that I would otherwise never have heard about.

And now Google’s AI is doing the same thing.

I am also getting the sense that the more I listen, the bolder the AI becomes as it makes its choices. Instead of confining me to a bubble of musical genres of my own making, it is venturing farther and farther away from my presumed comfort zone.

Which is quite impressive. But also leaves me wondering how long before our machine overlords finally decide to take over.

 Posted by at 7:27 pm
Jan 092019
 

So I figured I’d try Office 2019. It came out a few months ago, and I have the MSDN license and everything, so why not give it a test drive. I downloaded the DVD installation image, and ran setup.

Immediately, I was presented with a cryptic error message:

What the devil does this mean? I am installing from a Microsoft-provided DVD image. Surely, it has all the required files?

The “Go online…” link was of no use. Just some generic stuff about installation failures.

A quick online search, however, revealed the culprit: Office 2019 won’t install unless Office 2016 is removed first.

Not something I am inclined to do at this time, not without thoroughly testing Office 2019 first to make sure that it behaves the way I like it (I am especially worried about Outlook and my encrypted imap connection, which can be a bitch to set up.)

In any case… in the software industry, 30 years ago already we had installers that gracefully recognized an existing installation of the same package, and offered either an upgrade or a side-by-side install. Or, worst case, they offered a meaningful error message, informing the hapless user that the prior version must be uninstalled first. Because, you know, chances are anyone installing Office 2019 might already have a copy of Office 2016 installed on their system?

I guess none of that is needed in 2019. After all, what kind of a dumb user am I if I don’t immediately understand Error code 30182-1 (2)?

 Posted by at 9:25 pm