The Dumping Ground

Car Fire — Or: Why My Internet Is Down

I’ve had some harsh words for Comcast over the last few days.  The constantly bouncing connection has made it very difficult to work.  Sure, there were some major storms from which they were trying to recover, but it’s really annoying that they had to drop out whole service areas just to fix other peoples’ connections.

My connection dropped again today, though I can hardly blame them for it this time around.  A fire in the alley down the block from our house happened to occur directly below the pole carrying the wires that carried my packets.  It turns out charred copper and melted plastic suffer from approximately 100% packet loss.

There are a few more pictures on my Flickr stream.

The Family Business

I have geek in my blood.  My grandfather, Gus Hahn, opened an electronics store in 1929 with his former high school physics teacher, Ralph Coe, and for some 80 years – passing on to my uncle after my grandfather’s struggle with Parkinson’s disease left him unable to work – it serviced the south suburbs of Chicago.  They sold record players and radios, installed PAs and police radios, and showcased fancy new technology like televisions in color.

The story of Hahn & Coe is the story of American ingenuity and entrepreneurship through generations.  It tells of burgeoning opportunity, economic and technological changes, and the struggles of a family to make it through on their own despite obstacles I can hardly fathom.  But the story has reached its end.  Sadly, the continuing poor economy in a long-downtrodden suburban area of Chicago has finally taken too much a toll.  The family business has closed its doors.

I keep a few of my grandfather’s things near my desk.  His old, wooden level looks almost comical in the bright glow of my dual monitors, and his cracked, yellowing slide-rule is painfully low-tech next to my sleek, black iPhone.  But they remind me of how far I am from vacuum tubes and CB radios, and yet how not very far at all.  There was geek in his blood, too.

Leaving the Library, Joining Apple

Yesterday I announced my impending departure from the Library of Congress at an all-hands meeting of the group I helped form.  My last day will be May 14.  I’ve spent seven years at the Library, and every one of them has been fantastically rewarding.  I have learned so much through the successes and failures, and I couldn’t have asked for a more dynamic and intelligent group of people to work alongside.  It has truly been an honor.

I will be moving on to exciting new territory, however.  I have accepted a position with Apple, and the thrill of working for such a dynamic company on ground-breaking technology cannot be overstated.  Those who know me know I’ve had my ups and downs with Apple over the years, from buying an iPhone to decrying DRM.  None of that changes my commitment and interest in Doing Cool Things.  And Apple is certainly Doing Cool Things.  I can’t wait to begin.

Finally, Hedda and will not be moving to California.  I will be spending a fair amount of time in Cupertino, but our home base will remain in the District.

AuthLite – Two-Factor Authentication For Windows And Active Directory

In a keynote talk at the 2004 RSA Conference, Bill Gates predicted the demise of the familiar username-and-password logon.  Yet here we are six years later, with RSA 2010 quickly receding in the rear-view mirror, and the vast majority of us are still using passwords to log in – both at home and at the office.  Unfortunately, though our logins haven’t changed, the attacks against them have not failed to advance.  Cracking tools continue to improve exponentially, key loggers are all too commonplace, and users always pick ridiculously poor passwords.

All of us ought to be using multi-factor authentication, but there are myriad reasons so few are.  Most two-factor solutions are too expensive, with prices often skyrocketing over $100 per user, year after year.  Or they’re too hard to deploy, and they don’t integrate with legacy or COTS software without special plug-ins or customizations.  Unless your company has an unusually large IT budget, chances are your company has been priced out of two-factor authentication.  Not anymore.

AuthLite from Collective Software is affordable two-factor authentication for Microsoft Windows Active Directory.  AuthLite uses one-time passwords generated by the YubiKey, and features deep integration with Windows authentication and leverages your existing Active Directory infrastructure and investment.  AuthLite is inexpensive, and can be ten times less expensive than the market leader.  And AuthLite is designed from the ground up to be easy to deploy, administer, and integrate with existing systems.

I’ve spent a good deal of my time in the last year-and-a-half working on AuthLite, and I will detail some of its features and technical aspects over a series of blog posts in the upcoming several weeks.  In the meantime, be sure to follow AuthLite on Twitter for up-to-the-minute information and updates.

The Marion Barry: A Shot In Honor Of The Former Mayor-For-Life

It’s been a big news day for the former mayor-for-life.  The investigations into his use of earmarks have finally boiled over with the release of the Bennett Report.  The upshot?  His goose is cooked.

This seems an opportune time to introduce to a broader audience the shot we invented on this year’s Marion Barry Day.  I give to you: The Marion Barry.

1. One part Stoli Blackberry
2. One part Southern Comfort
3. One part Blue Curacao
4. One part grenadine
5. Drink up, slam the glass, and holler in your best just-got-caught-with-crack-in-a-hotel-room voice, “Bitch set me up!”

The concoction is sweet and quite drinkable, and is rife with symbolism.  The Stoli Blackberry is because the marionberry is a subspecies of blackberry.  The Southern Comfort makes it in because the former mayor-for-life was born in Mississippi.  And the Blue Curacao and grenadine are there for flavor, and because together the purple hue they create reminds us of the purple velour jogging suit the elder councilmember has been known to sport from time-to-time.

Originally called “The Bitch Set Me Up”, we re-named it to be a bit more obviously associated with the man.

Update Flash Without Adobe’s Crappy Download Manager

Recently, Adobe has pulled a hall-of-shame move and began trying to sneak in the installation of a craptacular background program called the “Adobe Download Manager” when updating Flash.  That’s just great, you know, since there are security updates for Flash almost every month.  So how do you get your required security update without Adobe’s bullshit download manager?

It’s a fairly simple process, and actually takes advantage of the generally-hated-by-most-people User Account Control (UAC) in Vista and 7 to block an unwanted action by a program.  And people say it’s nothing but annoying.

(Note: These instructions are for Firefox on Windows 7 or Vista; anything else and you’re on your own.)

1. Download the Flash updater directly from here.
2. Close all browser windows (including any opened by Prism).
3. Run the updater.
4. Start your browser back up.  Adobe will now sneakily try to install their awful download manager on your system.  This will generate a UAC prompt asking for administrative permissions to install.
5. Click “No” on the UAC prompt to stop the installation in its tracks.

Screw you, Adobe.  You’re in the Hall of Shame for trying to install backdoor software with critical security updates to a ubiquitous web technology.  And win one for UAC!

I Am Not A Search Engine; Google Didn’t Buy Me; Please Don’t Sue Me

The big news from the Google front yesterday was their purchase of Aardvark, a search engine that leverages social connections to find folks who might know the answer to your question.  It’s pretty cool looking technology, which you can try for yourself at vark.com, but all the hype is prompting me to make a few points here.

1. I am a person, not a search engine.
2. Google didn’t buy me.
3. Ardvaark is spelled differently from Aardvark, which is way different than vark.
4. The name Ardvaark (or the variation Jr. Ardvaark) has been my handle since I first started coding a quarter century ago.
5. The domain ardvaark.net has been my personal home page on the web since 2001.
6. My site ends in dot-net, not dot-com.
7. So you see, Google, there’s no cyber-squatting here.  Please don’t sue  me.

That is all.

Web Hall Of Shame: Wired News Hijacks Your Clipboard

It’s a given that you can’t trust the Internet.  I mean, you’re connecting to random strangers’ computers, downloading code and data, running some of that code (usually in a sandbox of some sort), and then hoping nothing bad happens.  For that reason, I use the NoScript add-on to Firefox, which aggressively blocks scripts (especially third-party scripts) from running – unless I whitelist them.

Despite my general distrust, though, I still harbor a hope that most of the sites I regularly visit aren’t bad actors.  When it turns out they are, it’s a bit of a shock.  When it turns out to be one of the oldest names in net publishing, it’s really disheartening.

Wired News has a really cool article on lasers blasting mosquitoes out of the sky.  When you copy-and-paste from that article, it hijacks your clipboard and changes what you copied.  Try it yourself!  (Of course, if you’re running NoScript, you’ll need to temporarily allow all scripts on the page.)

From the article, copy:

The laser lights quickly located the mosquitoes in flight.

And then paste:

The laser lights quickly located the mosquitoes in flight.

Read More http://www.wired.com/epicenter/2010/02/death-star-laser-zaps-mosqitoes-dead/#ixzz0fKgTWFBU

Yup, they hijacked your clipboard, and added a tracking link.  Who the hell does that?

Wired, you’re officially in the Hall of Shame.

Vacant and Blighted Property Testimony

Councilmember Bowser and Councilmember Evans held a joint hearing  yesterday on B18-546 and B18-448.  Both bills are an attempt to better define who gets hit with the city’s super-tax on problem buildings, which was essentially eliminated right as it started to produce results. I testified yesterday on four key points that I believe need to be addressed in the bills.

• Keep the vacant property registration system.
• Include ANCs in the exemption process.
• The proposed “blighted” classification is too subjective. An objective system, such as DMV-style points, should be considered.
• Vacant (but not “blighted”) properties are still a problem. Multi-year vacancies must also be taxed at a higher rate to promote their productive use.

My full testimony can be downloaded here.  You can watch the full meeting online here.  (My testimony begins at about 3:35:00, and then there is some Q&A at the end of the panel.)

January 18th is Marion Barry Day

January 18th is an inauspicious day for the citizens of the District of Columbia.  It marks the date of the arrest of Mayor Marion S. Barry, Jr. in a drug sting for possession of crack cocaine.  This year is the twentieth anniversary since the former Mayor-For-Life spoke his most famous of utterances, who has continued to serve in DC public office despite his ongoing run-ins with the law.