Tag Archives: rutgers

Why DRM is bad for consumers

Posted on by

While some people whom I greatly admire have stronger feelings than I on the subject, and many others, I felt the need to share some thoughts on DRM this morning.

Here at Rutgers, we had been promoting Ruckus for music downloading. The idea was that if you go to Rutgers, you get to use their service for free and download your music. I’ve never used it. Even if their software had worked with Linux, it’s still so badly DRM’ed that I couldn’t even burn the music to a CD. Being an old-fashioned person who has a regular old non-MP3 cd player in my truck, what good would that do me?

So, today Ruckus just shows this:
Ruckus shutdown graphic

I’ll admit it, I’m not the least bit sad to see it go. And not just because it was Windows-only at a time when Linux is gaining in popularity and MacOS is all-out exploding. What was my real problem with it? The DRM. What good is a bunch of 1′s and 0′s if I can’t use it the way I like? You couldn’t burn Ruckus music to CD, and I doubt you could use it on my ancient Sansa 512MB MP3 player either, as it doesn’t support DRM (and runs Linux).

So what’s my final thought? From TechCrunch.com:

We’re told that music that has not passed its “renew date” still works, but that music that has expired will no longer work because the DRM licensing server has apparently shut down.

If DRM wasn’t bad enough to begin with, the music you already have will just stop working… because the original distributor isn’t there anymore to tell it to work.

Internet Security, Microsoft Lies

Posted on by

Internet Security

So, this semester I’m taking a class on Internet Security. Our textbook is Management of Internet Security, 2nd Edition by Michael E. Whitman and Herbert J. Mattord. It seems pretty basic, and very much focused on the management side of things (as opposed to technical). The table of contents is as follows:

  1. Introduction to the Management of Information Security

  2. Planning for Security

  3. Planning for Contingencies

  4. Information Security Policy

  5. Developing the Security Program

  6. Security Management Models and Practices

  7. Risk Management: Identifying and Assessing Risk

  8. Risk Management: Assessing and Controlling Risk

  9. Protection Mechanisms

  10. Personnel and Security

  11. Law and Ethics

  12. Information Security Project Management

Now, given that it’s really a “management” book, I can’t say I’m surprised that it reads like an essay that was graded on a scale of buzzwords-per-sentence. However, it seems to be missing the one chapter that’s the most important – actually, the only chapter that would be in the book if I wrote it – “How to get management to allocate the money you need for proper security.” In fact, skimming over the book, I found a lot of content on general management planning, job descriptions, sample policies, and a lot of other pie-in-the-sky stuff, but not one concrete section dedicated to the most difficult part of security – getting the “resources” to do it right!

Microsoft Lies

Why we would spend time analyzing corporate mission statements in an Internet Security class, I have no idea. That seems, to me, too much like what we covered in “Management of Technological Organizations.” But, we do, and one of the examples used is Microsoft’s Mission and Values statement. Perhaps, being the F/OSS advocate that I am, my reading of it was a bit cynical. Let’s take a look at it.

“At Microsoft, our mission and values are to help people and business throughout the world realize their full potential.” Well, we’re off to a good start. Aside from the fact that they want you to realize that potential using only their software, and use their power and money to actively monopolize (or attempt to) most industries that they enter, this seems pretty run-of-the-mill.

Corporate Citizenship: “Every successful corporation has a responsibility to use its resources and influence to make a positive impact on the world and its people. Microsoft’s Global Citizenship Initiative is focused on mobilizing our resources across the company and around the world, to create opportunities in the communities where we do business, and to fulfill our commitment to serving the public good through innovative technologies and partnerships.” Well. Now we’re getting somewhere. Apparently “a positive impact on the world and its people” is defined as trying to monopolize every sector that Microsoft touches, whether attempting to crush and then buy-out the competition, or through flat-out FUD and billion-dollar marketing campaigns. Hmm… innovative partnerships… as in Novell?

Legal and Corporate Affairs: “Microsoft’s Legal and Corporate Affairs Group works on the cutting edge of business and regulatory issues around the world.” Well, I can’t argue with that, they sure are on the cutting edge. What started with Bill Gates mailing out whiny letters about pirated Altair BASIC has now turned into a global juggernaut, capable of forcing the creation of ISO standards at their whim, and successfully quashing any dissent about obviously flawed and under-reviewed “standards” (which, in fact, simply describe current software, rather than setting any real standard).

Values: As a company, and as individuals, we value integrity, honesty, openness, personal excellence, constructive self-criticism, continual self-improvement, and mutual respect. We are committed to our customers and partners and have a passion for technology. We take on big challenges, and pride ourselves on seeing them through. We hold ourselves accountable to our customers, shareholders, partners, and employees by honoring our commitments, providing results, and striving for the highest quality.

  1. integrity – i.e. not creating a draft ISO standard and then offering monetary incentives for acceptance.

  2. honesty – when it works. Intentionally making Vista-Capable labeling so ambiguous that it even confuses Microsoft executives? Fine.

  3. openness um… did they seriously say that? Openness like… protocol interoperability? Standards that can be implemented without patent violations? An “Open Specification Promise” that doesn’t come with a three page FAQ? Nope. Not Microsoft.

  4. constructive self-criticism – Ok, I’ll give them this one. They do, rarely, criticize themselves. Though “constructive” usually means making comments about the poor design of a previous product, and suggesting that everyone upgrade to the new version.

  5. continual self-improvement – I’ll give them this one too. In fact, they’re so crazy about it that they’ve been improving the same codebase for decades!

  6. mutual respect – See above.

  7. We hold ourselves accountable to our customers – Ok. They are offering to allow users to downgrade from Vista to XP.

  8. striving for the highest quality – I don’t think so. They’re striving for products that have the highest market share. As long as the quality is acceptable to the majority of users, and the products do what the majority of users need, that’s fine. But wait… apparently they even missed that goal with Vista.

This is just the opinion of one person. My motivations may be diverse, and surely there’s a bit of zealotry in there. After all, if Ford told me I couldn’t put fog lights on my car myself, I had to bring it to the dealer and pay $400, I’d stop buying their cars – and make sure everyone else knew what they did. But there’s also my ever-present desire to make sure people know both sides of the story, and all the facts. The mainstream media (specifically dumbed-down television) rarely reports on the less cheerful side of Microsoft, like the ISO “standard” scandal, or the Vista letters, or the Vista-Capable fiasco. And I find this to be horribly disturbing. Many people don’t realize that there are alternatives to Microsoft products, even ones that are provided by such big names as Sun Microsystems and IBM. But, most striking, is Microsoft’s overwhelming monopoly. Windows’ market share is currently 90.66% or higher. I ask you, what other industries which affect not only consumers, but nearly every aspect of our daily lives (as computing does) would be allowed to have such a monopoly? It has happened in many other American industries – oil, steel, the railroads, telephone service. Where is the government now?

What happened to the America that made massive monopolies illegal? Have we forgotten a supremely part of our history that began in 1980 with the Sherman Act? Or even the recent events with Bell? In order to truly stimulate competition in the software industry, and provide for not only choice but the improved quality, reliability, and security that comes with true software competition, something needs to be done. For starters, how about breaking Microsoft into separate entities – browser, Office, OS, server, etc. And – the important part – preventing any package sales, discounts, or bundling between the separate types of software (and separate companies).

Practical PHP and MySQL

Posted on by

I’m taking a summer course in Building Data Driven Websites – not that I thought I’d learn much in such a course at SCILS, but I’d like to graduate on time, and need the credits, and Bill Crosbie is just the type of rare teacher that can keep even me awake and interested. Our book is Practical PHP and MySQL: Building Eight Dynamic Web Applications (Amazon by Jono Bacon. Now, I know it’s not a real book like, say, ESA3 by Frisch, which has a healthy web presense. But this thing is all code and doesn’t even have a web site, let alone easy code downloads!

The book does come with a heavily customized Ubuntu LiveCD. However, when I popped it in my OpenSuSE workstation, I couldn’t really make much out of the CD – there was certainly no easy-to-find “this is the code” directory. Well, after some exploring, I mounted the SquashFS filesystem and poked around a bit. Strange… seems to only have one real user (root) and, though they claim this is a fully-functional LAMP server, no Apache or MySQL. Really weird. Well, after poking for a few minutes, I found the holy grail – /root/.bash_history was intact! Just a quick look through it with less and I found what I was looking for: /opt/lampp. It appears that the install is actually ApacheFriends’ LAMPP, or XAMPP for Linux (gotta wonder if the guy writing this book doesn’t even know how to install Apache… I’m sure XAMPP for Linux is more bloated than a customized build of Apache/MySQL/PHP from source, especially since it’s only being used to host 8 sample projects, so a lot could be left out).

Anyway, it appears that LAMPP is running in a chroot’ed environment. The actual sample code is rooted at /opt/lampp/htdocs/sites. It seems that all of the PHP files are also owned by root and chmod’ed 777! And the top-level index.php file makes use of absolute links, so obviously he never thought that someone may want to copy the sample code and use it on a real box.

I just can’t imagine someone who’s a beginner with Linux, let alone a Windows person, trying to get this source code onto a machine where they can actually play with it. And… to make the situation worse… the LiveCD has vi and vim, but no Emacs!!!! Eeeek!!

For anyone who needs it, I have the archive available on my site. For non-*nix people, you’ll need Gzip or an equivalent program to extract it.

SunSPOT; CarPC; MediaWiki Logging

Posted on by

Well, finals season is upon me. That’s probably why I haven’t been posting much lately (I haven’t even been checking Google Reader – I’ll have to delete a few thousand entries when I get back into the swing of things). I’ve been pretty busy, between studying, projects, and work. I’ll be working 4 days a week through June 20th, as well as taking night classes 4 nigths a week (unfortunately not the same 4 days) through July 3, in an effort to graduate Rutgers on time (after transferring in and also switching majors). Work after June 20th is up in the air – who knows how hard the budget cuts will hit.

My internship as the Sun Microsystems Campus Ambassador to Rutgers is over on May 12th. I got a chance to do the Rutgers IT Vendor Fair with Sun, and met a few cool people – especially including Matt McGrath of Continental Resources, a Sun Strategic iForce Partner, who’s doing some wonderful things with the Sun Education Essentials Matching Grant Program, and Skip Paul, a Linux Systems Engineer for Novell’s Open Platform Solutions group. I also finally cracked open my demo set of SunSPOTs. Wonderful little devices, radio, run Java on the bare metal, and have temperature sensors, accelerometers, and liberal I/O. My first development exereice will probably be making a temperature and acceleration data logger for my truck, but there’s surely more to come. They’re great!

My newest project – which I’m hoping to spend nearly the whole summer on – is the TuxTruck. I’ve been frustrated with the lack of “smartness” in my truck (an 06 Ford F-250), not to mention having to remember my MP3 player so I can listen to podcasts on the way to work, and having so many gadgets in my truck. So, the solution is obvious: a Linux-based CarPC. A nice little Mini-ATX box under a seat, with a 7″ pull-out touchscreen in the dash (replacing the factory radio). It’s a big, complicated, and expensive project – but I want one, and I could use some experience with smaller systems.
The major features I have planned:

  1. Realtime GPS navigation
  2. Hands-free bluetooth calls from my cell, with address book, routing to contact address, possibly voice dialing.
  3. Realtime weather
  4. OBD-II interface, for vehicle diagnostics and fuel efficiency/performance profiling
  5. Audio – at a minimum searching and playing MP3s, and automatically downloading podcasts and throwing them in a playlist. Perhaps also an AM/FM tuner

It’s not an easy project. So far, the major challenges seem to be:

  • No full-featured GPS navigation package available. The ones that are available don’t seem to be too easy to integrate into my planned GUI, which will allot them 800×420 pixels (on an 800×480 screen) and requre the bottom toolbar to be always available.
  • How to handle processing of multiple data streams that require near-real-time processing – specifically, GPS with text-to-speech, turn-by-turn directions, plus playing audio, plus responding to an incoming phone call in a timely manner, pausing the audio, and stopping GPS audio but continuing navigation.
  • Whether to install a smaller stereo and use aux input for audio, or totally rip out the stereo, use an amp with the computer as its only input, and then how to control volume?

There will be more to come in the future. For now, take a look at the TuxTruck github.

Update Saturday, March 2, 2013 – I’m in the process of migrating my legacy CVS and Subversion repositories to github.com. The forgotten SVN repository for TuxTruck has been migrated there, and the CVS repository will soon be moved there as well. Tuxtruck.org has been permanently taken offline and redirected to the GitHub repository.

Mediawiki Logging – I recently had a situation where I had to confirm how much work someone had done on a MediaWiki-based project. The Recent Changes page only goes back 30 days, and walking through the History of each page is a pain. After looking around in the database a bit, I found a few tables of interest:
  • Table “users” includes fields “user_touched” (last time the user was updated) and “user_editcount” (a really simple count of the users’ number of edits).
  • Table “recentchanges” holds a lot of data… seemingly the entire life of the wiki

Where have I gone?

Posted on by

Well, it’s been a while since I posted. Things have been horribly busy in the school world, and I have some new projects I’m working on as well. Unfortunately, due to limited resources at the moment, I haven’t been able to give Zenoss a try. If I eventually find a nice 25-30U rack for the hardware running JasonAntman.com (in the basement of my suburban home, so headroom is limited to about six feet), I’ll probably move one or two machines from my apartment back there, reorganize things, and setup a Zenoss test (*if* I can get Xen to play well with some OS that has Zenoss RPMs, or give up and compile from source).
A few of my new projects:

  • Some embedded Linux work
  • Getting my new Deluo USB WAAS GPS working with my eeePC, and eventually add software for mapping wireless networks
  • Mount an external 2.4GHz antenna on my truck, so I can hop on RUwireless without leaving the comfort of my home on wheels.
  • Get a “N” wireless card and beta the wireless-N at Rutgers.
  • Figure out development for PalmOS, and write a program to sync my Palm calendar with Google Calendar over-the-air.
  • Do some work with a radio scanner and a system at home for recording and logging (maybe even MDC1200 decoding).

My pet peeve for the day – blogs and other websites that don’t list a date last updated. I’ve been looking around for alternatives to KPilot, and I have to look through all of the Google results, and figure out how old they are based on version numbers and which Palm devices are listed.

And, from Rutgers Telecommunications, this is what RUwireless looked like over spring break, and the Monday that everyone came back:

Rutgers daily traffic graph of sr02-hill012-svcs_vlan1000 on 2008-03-25