This sounds remarkably like an image compression algorithm and associated file format that I invented while I was at Medior in San Mateo in late 1994 - I actually implemented it in 1994 and it got used in some shipping multimedia CDROM products such as the Men are From Mars, Women are from Venus CDROM in 1995.
My algorithm was lossless and what strikes me the
most is the speed - my algorithm was notable for the speed of decompression, and we used it in particular just because it was so much faster than GIF, which was a significant advantage when you were scanning through lots of images on CDROM. While I only implemented it for 8-bit indexed images I felt it would likely work fine for any bit depth or color space.
Medior was later purchased by AOL and renamed to AOL Productions. I think AOL Productions isn't around anymore but lots of old Medior people still work for AOL, for example former Medior President Barry Shuler is a high-level exec at AOL.
Basically, my invention worked by dividing the image up into lots of little subregions and encoding each pixel in a given subregion in the minimum number of bits required to encode the number of colors that occurred in that region.
For example, in an image that was black on top and white on the bottom, I'd have two subreqions with zero bits each and a single element color table that was either black or white.
If it was snow - black and white pixels randomly intermixed - the whole image would be one bit with a two-element color table containing black and white.
The big trick was to divide the image in a good way, in such a way that the whole image was reduced the most and the size of the data required to reconstruct the regions wasn't too big. In practice I found it worked OK to start with lots of small fixed-size squares then merge adjacent squares that had similar color schemes.
I wrote a document for Medior that described what I invented in great detail and what I predicted this could be made to do. What I actually got it to do in practice was not nearly what it was capable of, but this was because of the limited time available to implement it.
A business tips from GoingWare's Bag of Programming Tricks. You'll find other helpful articles there on the business and technique of computer programming.
Freeing the Developer from OS Vendor Shackles
on
X On OSX Now Free
·
· Score: 2
Operating systems vendors invest a great deal of energy in getting applications developers to code products to the native API of the OS.
The result is that it is very difficult for the developer to bring the product out on a competing platform, and it discourages users from moving to a different OS when they feel the vendor isn't serving their needs (because they can't get the solutions to their problems).
If the developer doesn't want to deal with the OS
vendor anymore, he's really got a problem - either suffer under the vendor's thumb, or make a great deal of personal sacrifice to move to a different operating system.
And in fact I shipped (and still do support) on of the first commercial applications for the BeOS, Spellswell from Working Software.
Nothing Be ever did made any sense, and while there are individuals at the company that I regard highly, on the whole I felt the company to be uniquely unresponsive and incompetent.
And just when they were showing some promise of shipping enough BeOS installations that I had some hope of making more than the measly couple hundred bucks I'd earned in royalties in the three years I'd been working on Spellswell, they announced a "change in focus" and said they weren't going to support the desktop anymore, except for the extent necessary to use it as a development platform for their new Strategy Du Jour, Internet Appliances.
After I posted on BeDevTalk that Some of Us Work for a Living, the moderator told me he was fed up with a developer who was trying to discuss business issues of concern to Be's third-party developers on Be's third-party developer mailing list. That was my last message to bedevtalk - he unsubscribed me.
I bought a few books, mostly on C++ and also hit some websites and newsgroups, and I became a much better programmer as a result. And I really felt that I did better to spend my time on core architectural and language issues rather than dealing with OS-specific nits or tool issues. And so I wrote Study Fundamentals, Not APIs, Tools or OSes.
So this brings me back to being used by operating systems vendors to serve their material needs at my expense and the cost of much personal pain. If you become a better programmer by learning the basics better, to can fluidly go from OS to OS without much of a learning curve.
But there's the problem that you have to use some API to code your application to, and while Java claims to be "platform-independent" it is
really a proprietary platform in itself - just try making use of platform-specific code in a Java application, yes you can do it with the Java Native Interface but it is difficult and an assault on the Java developer's senses to write a dll in C or C++ to load into the runtime.
So what you really need is a cross-platform application framework that you can write in with a language such as C++, that comes preconfigured with easy-to-use preprocessor symbols so you can drop into OS-specific code at your whim, and will compile from a single sourcebase to native machine code for multiple operating systems.
Funny that, since December '99 I've been writing a multithreaded special-purpose graphics editor that is also an HTTP client with just such a cross-platform application framework. I can develop on Mac or Windows as the need suits me and switch back and forth at a moments notice (especially now that I've got filesharing between my machines). My client only asked for Mac and Windows versions but I could port to BeOS or Linux in a few days. The framework is called ZooLib.
It was written by my friend Andrew Green of The Electric Magic Company, originally to insulate himself from Apple's API nonsense. (Do you remember when all progress on developer tools at Apple and Symantec stopped while they went off into the sunset to develop Bedrock, itself a cross-platform application framework and an immense investment of time and money - and then abandoned it? If it hadn't been for then-tiny Metrowerks Apple would have gone out of business after shipping the first PowerPC Macs, because there would have been no native PPC compilers.)
He felt that if he could code to his own layer and Apple changed their API, he'd just have to reimplement the OS-specific layer and he'd be working again. But then a little more work and he'd be cross-platform...
If you click that link today you'll just get a placeholder page. But just wait a few days...
(For practical reasons the source itself, mailing lists and so on will be provided at
http://zoolib.sourceforge.net/ once it's released.)
While ZooLib is to be newly released to the public
it is not new code. It has been in use in commercial products for about five years - and in development in my own since last December. Part of why Andy gave me the code and I've been working with it is to give him meaningful architectural feedback and detailed bug reports so he can prepare it for public release.
I've been urging Andy to release the source as-is for a couple of years but his standards are incredibly high for a programmer. Andy's code doesn't just work, it is correct.
Andy spares no effort or time to fix the smallest problems (this is especially important in multithreaded code - think about reference counted smart pointers that are operated on by different threads, as you can do with Zoolib), and part of why he's been delaying the release is to improve the overall architecture.
For more details, including relevant quotes from Judge Thomas Penfield Jackson's Findings of Fact and Final Judgement discussing why Microsoft felt it was more important than anything to suppress cross-platform API's, such as Netscape plug-ins, Java, Intel Native Signal Processing, Lotus Notes, Apple Quicktime (runs on Windows too!) and RealNetworks' multimedia technology, please read my early draft of:
I mentioned this earlier in my recommendation of Seagull Networks (note - SSH, SCP and CGI's you can write and install yourself, even in C or C++) - but I'll say it again.
If you want reliable email, it is important that you own your own domain name. If you want email to get to you easily and reliably, then it's important that the domain name be easy for people to remember and to spell, even when you've just spoken it to them over the phone. (Note that while my business name is GoingWare, Inc. I've also registered goingwhere.com and had Seagull alias it to make sure people can find me.)
You think your Yahoo or Hotmail account is reliable? Guess again. How many big companies have tanked in the last few decades? What if yahoo decides it's not worth their while anymore to provide email service, even if you want to pay for continuing to have the privilege of having the same email address for the rest of your life.
I was proud to be one of the first customers for Scruz-Net - until they went down for a week just after I started my consulting business!
And they've been bought out more times than I can count. I keep my old ISP account there mainly because I haven't moved all my web pages yet, but periodically I download all my email from there and pick the real mail out from the spam and send them a message asking them to use my new permanent emails, either crawford@goingware.com or
michael@geometricvisions.com.
I've also got a few pages on scruznet that I feel are important for people to be able to find in the distant future, so I'm slowly going through my old site there, moving the pages to one of my own domains, and putting a page in the original's place with a META REFRESH tag and a note. But the problem is that some sites have permanent links to my scruznet pages embedded in their databases that I've been unable to get them to correct.
In the long run, I'll close my account at Scruznet and they say they will redirect accesses to my old site to a single, fixed URL but people may not be able to find what they're looking for.
As I emphasize in Market Yourself - Tips for High-Tech Consultants, it's important to own your own domain name not just to maintain a professional appearance and so your customers can find you, but everyone should own their own domain name so they can have a permanent address.
If you own your own domain name and your service should go bad, you can relocate it to another provider and be up in a few days. Mainly you just have to wait for the new DNS to take effect.
An added benefit of owning your own domain name is that you often get what are incorrectly termed "postmaster" email addresses. With these, any mail sent to anyuser@yourdomain.com will be delivered to your mailbox. You can combine this with filtering email clients to suppress spam. You still have to download the stuff but what you do is sort all of your legitimate mailing list mail into separate mailboxes, and mail addressed to your real name into the main mailbox you read, and leave everything else in your inbox.
Then if you need to give a website a valid email address, say to allow them to send you a password, you give them the email theirdomain@yourdomain.com.
If they sell your name to a mailing list at least you know who's done it. For example, this is the way that I know that Citibank is using the email I used to log into my cardholder webpage to access my account - I've only used that particular email for that one page. But Citibank is now sending spam to this address asking me to sign up for their card! How dumb can they get!
If you really don't care whether an email address should last, as when signing up for a web page, this is when you really do want to get yourself a Yahoo or Hotmail account. That way their servers can handle all the spam and not yours.
I mistyped the URL to http://www.williebrown.com in the above, give this link a try especially if you live in San Francisco.
The BeOS Tip Server page on doing POP with SSH is at Secure Email Download with SSH. Note that POP exposes your password unless you use port forwarding with SSH as I describe (or some more advanced download method). Don't think you're super-cool if you SSH to do your shell access but then download your mail with plaintext POP!
Finally, seagull allows you to install your own CGI's that you can get wherever you want or you can write them yourself with the full set of Linux developer tools they have on the servers - so you can write CGI's in C++ rather than Perl, if you'd like.
Also, I just have their "Lieutenant" hosting for $20/month, they have other options for higher prices such as root FTP server and SSL web page service as well as paying for high traffic so you can run a commercial site there.
Whenever anyone asks me for a hosting recommendation, I always recommend Seagull.
No, Seagull is not an ISP. While it would be nice to have a secure ISP, you're better off using any random joker for your ISP, owning your own domain name so you can relocate it in the event your service tanks (I discuss this in Market Yourself - Tips for High-Tech Consultants) and accessing the hosting service via SSH and SCP (secure copy). Note that it does no good to only use SSH - you have to use SCP as well.
Here's a sample SCP command line, in case you can't figure it out, it's very simple but I had a hard time from the man page:
scp foo.bar crawford@www.goingware.com:.
The above places file foo.bar in the home directory of user crawford on www.goingware.com.
Besides being a good service, it's a small enough company to offer personal service. I've sent support email to the webmaster at 2am his time and had the problem fixed and the mail answered within the hour.
But even though it's a small service, it's not a low-quality service. They have high-performance machines, they are in a good colo facility with a high-speed connection to the backbone, they upgrade their service regularly and the webmaster, Paul Celestin, is just a damn nice guy.
I'm not sure if he still publishes it but Celestin used to produce a CDROM full of useful free source code for the Macintosh. Some of my own Mac open-source programs were on it.
These are the sites I personally have located there:
http://www.goingware.com/ - My consulting company, GoingWare Inc. My livelihood depends on the reliability of this site.
http://www.wordservices.org/ - Seagull hosts this public-service site for free in exchange for me placing a small banner ad on some of the pages
In addition, my wife has a couple sites on Seagull through my account, and my friend Andy Hasse used to host http://www.williebrown.com there (yes, if you live in San Francisco you might remember that Hasse was a consultant to mayoral candidate Clint Reilly when the Brown campaign discovered Andy owned the williebrown domain.)
I have a couple tips for you on checking email. I use PGP when I'm trying to be secure, but it's really not that much that I really care for complete security. But I just don't like people snooping on me, mostly I think it's none of their damn business what's in my mailbox even if it's spam.
So mostly I read my email at seagull using elm while logged in via SSH, and when my mailbox gets big, I move it to my home directory and copy it to my home machine via SCP:
goingware$ cp/usr/spool/mail/crawford ~
goingware$ echo ""/usr/spool/mail/crawford
back on my home machine:
C> pscp crawford@www.goingware.com:crawford.
It is also possible to download your email via POP with SSH via port forwarding. I describe this on the BeOS Tip Server. It doesn't seem to be responding right now but if you go to its search and enter "ssh" you'll find the tip I submitted called something like "Secure email download via ssh". The instructions have some BeOS specific items but most of what's there will work on any systems.
Don't have SSH? Try one of these:
Nifty Telnet/SSH for Macintosh - includes a graphical SCP client!
putty for Windows (also supports NT/Alpha) and pscp for secure copy
CygWin - a GNU environment for Win32 - use bash, compile with GCC, a lot of linux code builds right out of the box in Cygwin
78. Although they have been the most prominent, Netscape's Navigator and Sun's Java
implementation are not the only manifestations of middleware that Microsoft has
perceived as having the potential to weaken the applications barrier to entry. Starting in
1994, Microsoft exhibited considerable concern over the software product Notes,
distributed first by Lotus and then by IBM. Microsoft worried about Notes for several
reasons: It presented a graphical interface that was common across multiple operating
systems; it also exposed a set of APIs to developers; and, like Navigator, it served as a
distribution vehicle for Sun's Java runtime environment. Then in 1995, Microsoft reacted
with alarm to Intel's Native Signal Processing software, which interacted with the
microprocessor independently of the operating system and exposed APIs directly to
developers of multimedia content. Finally, in 1997 Microsoft noted the dangers of Apple's
and RealNetworks' multimedia playback technologies, which ran on several platforms
(including the Mac OS and Windows) and similarly exposed APIs to content developers.
Microsoft feared all of these technologies because they facilitated the development of
user-oriented software that would be indifferent to the identity of the underlying operating
system.
-- Thomas Penfield Jackson, U.S. District Judge, Findings of Fact
First, take note of my comment regarding Insight Canada below.
The whole reason I wanted to buy those two Ultra160 hard drives was because I wanted to use them in my work. One for use in a high-end Linux server, and one for use in a Mac 8500.
I couldn't find such drives in St. John's Newfoundland, or a SCSI Ultra160 controller (to be fair, I did get my 39160 controller from Insight, although it still took several weeks).
I didn't want to run an e-commerce site. I just wanted to have fast machines for use in my office. The Linux server was going to serve source code via Samba to a Mac and a Windows machine, to enable simultaneous cross-platform development.
To make matters worse, I wanted to use the Ultra160 drive on a SCSI-2 50 pin single-ended bus. You can do this - see http://www.scsifaq.org - but you need a 68 conductor to 50 conductor adapter which terminates the high byte in the manner specified for Ultra160.
Just try finding one of those in Canada! I ordered it from California from one of the cable vendors listed in the SCSI faq.
With all the little components I was wanting, as well as technical books (Chapters in St. John's is decent, but not as good as a Silicon Valley bookstore), I was frequently being awakened from bed for weeks by the Purolator man delivering some widget or other for weeks after I moved to St. John's.
With Insight's interminable delay in getting my drives to me, and being able to locate a good dual-Xeon motherboard with the extra widgets for clustering ability (out-of-band control), I never did build my server.
And then when my Compaq 1800T laptop had power connector problems and wouldn't charge, Compaq wouldn't send the new power adapter to Canada, even though they have a Canadian subsidiary; it's a US only model that I bought in the US. I had to have Compaq express the new power adapter to my dad in Washington State, and he expressed it to me in Newfoundland, at a cost of $59 - coincidentally, the price of buying a brand-new power adapter.
It turns out that the new power adapter does not completely solve my charging problem, so I'm getting ready to contact Compaq about sending the CPU in for warranty repair. I'm figuring they'll tell me I have to ship it to my dad and then they'll have FedEx pick it up at his house. Maybe when I'm home for thanksgiving...
Now, these are annoyances for me, but multiply them across the whole nation of Canada and I think you have a serious impact on the whole Canadian economy. I'd never have stood for bullshit like this when I was living in Santa Cruz - there are too many computer dealers in the area and in nearby Silicon Valley for anyone to stay in business with such poor performance.
Yes, this is annoying for me but what if you're trying to set up a Canadian e-commerce site? Where do you get your components? Can't get them at the screwdriver shop around the corner like I could in Santa Cruz. SCSI? What's that? Don't even ask about Ultra160 SCSI. It's not just a matter of having to pay the brokerage and shipping fees - it's the time to wait for things to ship and to clear customs, in such a competitive world as the Internet economy, it is simply absurd for anyone to attempt to make a real computer business in Canada.
I'm sad to say it, as I love living here in Canada (for reasons unrelated to the computer biz here), but being unable to deal with business matters effectively such as the lack of components and the lack of access to technical information like well-stocked technical bookstores where I can actually go in and flip through the pages to evaluate a book, is a significant factor in choosing to move back to the U.S.
There are other reasons, but that's one of them.
Funny, I'd thought that being away from Silicon Valley might be a problem in terms of not being able to find clients for my consulting business, but it's not, I still get lots of work from the Bay Area and elsewhere around the world. It's the grunge work like putting together a new machine in a hurry when my main development machine (that laptop) is down that I'm not able to do effectively here.
I posted the above just a few hours ago, but when I did I thought to forward the URL to it to customer service at Insight Canada.
Note that I was told my card had been credited about two weeks ago, and I've been checking with my bank every couple days to try to verify that, to no avail.
Well since I posted the above comment and forwarded the URL to the comment and this discussion to Insight Canada customer service, I received an email from someone in their credit processing department informing me that she just credited my card for CDN$1944.62.
Thanks Slashdot!
She said it would take three or four days for the credit to appear, but I will post a note here once the credit has actually appeared.
While I may have more to be concerned about since I have a mental illness, I find that dealing with moods and emotional concerns to be of profound importance in my work.
On the other hand, as I say in the Metro San Jose article that's linked to from above, one of the reasons I chose to be a programmer (or rather, continued to be a programmer after I'd been doing it for a while) is that I find that being symptomatic is rarely an impediment to working as a programmer - it is sometimes, but not all the time.
You might think that Insight Canada would be a good Canadian e-tailer - but think again.
I ordered two quantum 10000 rpm SCSI Ultra 160 18 GB hard drives from them about five months ago.
Even though their US parent company listed those drives as in-stock, the Canadian subsidiary had to order them from a distributor and estimated they would take a month to arrive.
After repeated phone calls about where my disks drives were going unreturned, I gave up on ever getting my order. I figured they'd lost it.
Finally after I moved out of my house in St. John's and left the country and was in the US again, they shipped the drives and charged my card. I'd long since spent the money on the card that I'd set aside for the drives, thus prompting a call from my bank's security department wondering where their money was.
Question - why did the bank authorize the charge when there couldn't have been more than 50 dollars in available room on the card?
What followed was days and days of struggling with Insight Canada to get my card refunded. Eventually my bank got tired of waiting and covered the charge just by taking the money from my checking account.
It's been two weeks since Insight Canada claims they refunded the money for those two very expensive drives, and my card still has not been credited. I check with my bank every couple of days.
If anyone at Insight is reading this and wants to investigate this, my sales rep is Jordy at x5087.
No, not a troll but inaccurate information quoted from memory.
While I think the inspiration does go back to the white bikes of Amsterdam, the YNC FAQ says they're actually inspired by the Yellow Bike Coalition, which apparently did originally leave yellow bikes on the street, but now lends them for long term use.
Apparently the expectation that anyone could take a yellow bike often meant that someone who'd ridden to a friend's house or business would have their bike borrowed away from them when the left the bike unlocked to go inside.
Note that while I'm on their mailing list and I'm pleased to have donated hardware to the YNC, I don't run it. I'll try to start a chapter myself once I get settled but at the present time my life is in too much flux.
Inspired by the free yellow bicycles of Amsterdam (which you can just pick up on the street corner and ride around), the YNC takes donations of hardware, mostly old 486's, fixes them up, installs linux on them, and gives them away for free for use either as NAT servers and firewalls (so people may have multiple machines of any OS on a single network connection) and as Linux user workstations.
I gave my venerable old 486 to them. Like George Washington's axe, it started life as a 386, then got a new microprocessor, motherboard, CPU, case, memory and hard disk before finally going to the YNC.
Note that unlike some operating systems out there, Linux runs just fine on a 486 - I was using it as a web server on mine and could run the server and XWindows at the same time and never noticed any performance problems. Windows 95 was a dog on the same machine.
They also plan to build free internet kiosks in neighborhoods. You'd just be able to walk up to a weather-sealed machine and start browsing at no cost. I've heard the founder has one of these outside his house. What they'd do is hang off the DSL connection inside neighboring homes and businesses, perhaps through wireless.
They also give lessons on setting up firewalls and such, and go around giving public talks on their activities.
They have chapters in Santa Cruz and San Francisco, California, as well as Japan. I'll probably set one up in Maine if my home purchase there comes through.
Apparently the DMCA itself requires that notifications of violations of the DMCA must be made in writing with a "wet" signature, that is actually written by hand with ink. Email and fax is insufficient.
The fellow suggests that you post the following on your site as a legal notice to those who may attempt to contact you about material on your site that they claim infringes their copyright:
Procedure for Notifying Yourname.com
of Copyright Infringement Claims
In accordance with the DMCA, copyright owners,
or persons authorized to act on behalf of owners
who believe specific Shared Content may infringe
any exclusive right(s) of the copyright owner should
notify Yourname.com's designated agent in the
following manner:
Notices Must Be in Writing: Yourname.com must
obtain all required information in writing in the form
of a 'Notice of Copyright Infringement' ("Notice").
Telephonic, verbal or other non-written
communications are insufficient under
Yourname.com's policies and do not meet the
requirements of the DMCA.
Content of Notice: Notice to Yourname.com must
include the following information:
1. Identification of the copyrighted work that You
claim has been infringed, or, if multiple copyrighted
works are covered in the Notice, a representative list
of the copyrighted works that You claim have been
infringed using Yourname.com's services; 2.
Identification of Shared Content, material or activity
that You claim is infringing, that is to be removed or
access to which is to be disabled. Such identification
must contain information sufficient to permit
Yourname.com to locate that Shared Content; 3.
Your street and mailing address, telephone number
and, if available, Your electronic mail address; 4. A
statement by You that You have a good faith belief
that the disputed use of the copyrighted material is
not authorized by the copyright owner, its agent, or
the law (e.g., fair use); 5. A statement by You, made
under penalty of perjury, that all the information in
Your Notice is accurate and that You are the
copyright owner, or authorized to act on behalf of an
owner of any exclusive right that is allegedly infringed
by the materials referenced in Your Notice.
Notices Must be Signed: The written notice must be
subscribed with the "wet signature" (no facsimiles,
proxies or copies) of the copyright owner or of a
person authorized to act on behalf of an owner of
any exclusive right(s) that are allegedly infringed by
the materials referenced in the Notice.
Delivery to Designated Agent: The Notice must be
addressed and delivered via U.S. Mail, Express
Mail, or Courier to Yourname.com's Designated
Copyright Agent, as follows:
Copyright Agent
Yourname.com
Your Blvd
Your Town, State Zip Code
Your Phone Number
If You suspect specific Shared Content may
constitute copyright infringement, but are not the
copyright owner or authorized to act on behalf of an
owner of any exclusive right(s) that You believe may
be infringed, please notify Yourname.com at
legal@Yourname.com. If You are not the copyright
owner or the owner's representative, Yourname.com
may not be able to remove the Shared Content.
Yourname.com will attempt to investigate each
report and forward each notice to the appropriate
copyright owner, if identified.
Many large Microsoft customers are part of some licensing program, I think it's called "Microsoft Select", in which the customers purchase a license to do mass duplications of operating system software as well as some microsoft applications.
What the enterprise customer does is set up an initial install with the OS and application and then clone it to new PCs with Norton Ghost. (I recently used the personal edition for $99 to back up a freshly installed dual-boot windows system and I think it's just dandy; now comprehends linux ext2 filesystems).
This is a problem because traditional Microsoft OEMs are contractually obligated by Microsoft to install some operating system on every machine they sell. Microsoft claims that this is to cut down on piracy, but it has the added effect of discouraging people from trying out other operating systems.
The solution? Encourage the enterprise customers to purchase hardware with no operating system at all installed on it from OEMs that have no relationship with Microsoft. Then the customer can do their Ghost cloning without any worry about double license fees. This will work well both for the large enterprise customers that may have been helped by the minor adjustment in Microsoft's policy, as well as the smaller enterprise that were no helped out.
If you work for one of the traditional linux hardware vendors, I'd like to suggest to you that you view Microsoft Windows enterprise customers as a new market opportunity, not just to sell Linux to, but just to sell naked hardware to. If the hardware has no OS installed at all, there's no OS support issues to be concerned with, as there might be if you put some Linux distro on it.
Consider also that although trying to sell a machine bundled with Linux might meet resistance from a company that really does need its Windows applications to do business, selling naked hardware and emphasizing savings on Windows license fees is an easy foot in the door. Once you establish a rapport with the customer you'll have a better chance to upsell them to Linux.
Also consider that if Microsoft OEMs start losing significant hardware sells to folks like VA Linux Systems, Penguin Computing, Tuxtops and the screwdriver shops, they'll be a little more aggressive about getting Microsoft to back down on requiring an OS to be installed.
Of course, an alternative to the traditional OEM vendors is to just preinstall Debian and include a clause in the contract stating that the preinstall OS software is not supported by anyone. That just pretty much screws Microsoft up the Yin-Yang.
I think it would be helpful to have a central website devoted to reverse engineering tools, as well as archives of legal documents, tracking reverse engineering news developments, discussion forums for trading tips and so on.
Anyone want to set one up? I don't really have the time right now but I could contribute expertise and code.
What would be a good domain name?
Or are there any sites like this already? Certainly there must be sites that contain bits of what I propose - but what about a full-fledged reverse engineering archive and portal.
I also posted this in the discussion at ZDNet, although it hasn't been posted by the moderators yet as I write this.
I'm a reverse engineer. The very first contract job I did when I started my new consulting business was to reverse engineer the file format for a project management database used by the motion picture industry.
My client, Graphical Planet, wanted to make a product that would interoperate with Movie Magic Scheduling. Only the Movie Magic publishers wouldn't tell them how, and in fact were quite unfriendly towards them.
We initially agreed that I would complete the reverse engineering in a week and be paid $1500.
It actually took me three weeks, and was some of the most difficult work I have done as a programmer - while it was interesting, it was mentally painful, like cracking an enemy code. Perhaps what made it worse was that I desperately needed the money and only would get paid if I succeeded.
In the end I was able to write up a detailed file format specification document, and I also wrote a C program that would dump the contents of a MM project file into a human-readable text file. I successfully tested it by dumping out the full project file from an actual full-length motion picture.
How did I do it? I created lots of little sample files, for example, my first document I added only the letter "A" in one field, then made a second, where I changed that to the letter "B". I made hex dumps of the files and then compared the hex dumps. A lot of the work went into trying to find the best kind of files to make for my testing.
I want to point out that, until the DMCA reverse engineering was always perfectly legal in the US, and in fact state trade secret protection laws specifically grant reverse engineering an exemption from trade secret protections.
Even now, most things are still legal to reverse engineer, and I think it is likely that the DMCA will be found unconstitutional - or some applications of it will be, for example the Content Scrambling System is clearly a violation of well-established antitrust laws.
One of the reasons that reverse engineering is legally protected, I understand, is that it is not the public's objective that novel inventions be kept secret.
What the government would prefer a company do if it wants to have a monopoly over an invention is to apply for a patent, because part of the patent application is a full disclosure of the invention (sufficiently detailed that some one expert in the art could reproduce it), and then the monopoly is granted for a limited time.
Twenty years may seem like forever in high-tech, but keep in mind that the monopoly does eventually come to an end. This is why we have generic drugs, for example, and also not that the patent on RSA public key cryptography, the basis of PGP encryption and the SSL or secure socket layer, used for https secure web pages, expired in September of this year.
I think the principles stated in The Cluetrain Manifesto will help here - they've already started to, because the ZDnet article is instantly available worldwide and is already provoking discussions at such places such as here at Slashdot.
First I'd like to suggest that some big motorola customers get together and visit an attorney and have them write up a contract. This contract will state that, in return for purchasing products from a Motorola dealer, the dealer agrees to hold the customer's demographic information confidential, and forbid it to be shared with any third party - specifically name Motorola, but also say any third party.
If the dealer won't sign, ask them if they carry any of Motorola's competitors' products, and buy those instead. Alternatively, shop around for Motorola dealers willing to sign.
Rememeber, your information is your information, and while there may be no law to protect you, if the dealer signs such a contract, then you have civil law to protect you.
When such a contract has been drafted, put it on a web page and distribute the URL widely so that all Motorola customers may benefit.
Secondly, keep in mind that Motorola is a huge company. They have interests around the globe. Interested in buying a Mac? Print out the ZDNet article and bring it with you to the Apple dealer. Tell them you want to look inside the case of the Mac you're considering purchasing. Tell them you'd be happy to make the purchase if the PowerPC chip was manufactured by IBM, but you won't consider purchasing a Mac containing a Motorola brand PowerPC - the chip was jointly designed by Apple, IBM and Motorola and is actually manufactured by IBM and Motorola (multiply sourced). Second sourcing means you as a consumer have a choice.
Also look around you and think about what products you use that are made by Motorola. Do you do MacOS, BeOS, or QNX development? How about embedded or game consoles? Perhaps then you use Metrowerks Codewarrior for your development system (compiles for Windows too - I vastly prefer it to Visual C++ or Borland). Metrowerks is now a Motorola subsidiary. If so, drop a line to any contacts you may have at Metrowerks, give the URL to the ZDNet article, and ask them to let the folks they know at Motorola that this practice is unacceptible.
Do you actually design embedded hardware? Consider alternatives to Motorola products - again, IBM has some altnernatives - and let your rep at Motorola know that you're not going to be needing his services anymore - and tell him why.
I used Eudora. Live Picture is just about done with its bankrupcy proceedings.
I'm afraid I didn't save the letter (which I think was one of the best things I ever wrote), but I remember saying that Live Picture was special because it provided quality technical employment in Santa Cruz County, but in Silicon Valley it would be just another software company in a sea of faceless companies stretching from horizon to horizon.
I copied the resignation widely throughout the company (including the president) three hours after the president announced plans for the move. Later that evening I began collecting URLs to list in the first version of the above-linked web page and a few days later quietly passed out the URLs to my fellow employees.
The president, (ahem) "resigned" after losing tens of millions of dollars.
What you suggest might be appropriate for merely annoying software, but what about software that is expressely intended to subvert the government - imagine a revolutionary wrote a virus that identified whether the computer it was on was in the.GOV domain and then wiped its hard drive.
Or provided secure communications channels for reporting human rights violations from within repressive regimes?
Or suppose the software in some way helped promote meaningful political change in a repressive regime - and was developed within the territory of that regime?
No, really this is an important question and needs to be addressed in a serious way.
While I don't know that mkisofs, mkhybrid and cdrecord don't put in such identifying information, it's less likely and you can at least inspect and modify the source code to make sure they don't.
Here's my own little bit of subversion. It's not subversive software, but it's a programmer speaking out to other programmers and against the interests of an entrenched industry: high-tech headhunters:
I get quite a few positive responses from other consultants from these pages - and rare responses from headhunters asking why I'm taking food from their children's mouths.
I don't have anything against recruiters who practice their business in an ethical way, but "ethical" no longer describes the standard practice of the headhunting business.
For example, one person who read my page wrote in to say that a recruiter had sent her to an employer's office for an interview, without the interview actually having been scheduled. She found out she was neither expected nor welcome after waiting in the reception area for 45 minutes. The recruiter had failed to secure an interview and hoped the employer would just feel sorry for the candidate and interview her anyway.
Of course, I have to say that I felt pretty secure in my career before posting these pages.
I suggest that you minimize the amount of explicitly subversive code (and also your development workload) by making use of readily available frameworks.
It's preferable if these are open source, but they don't have to be to suit your purpose; for example Metrowerks PowerPlant is the most popular application framework for the MacOS, and although it is a commercial product it is inexpensively available and when you do buy the Codewarrior development system you get the PowerPlant source code on the installation disk.
You can even develop an open source framework yourself and publish it openly, and invite in contributors publicly, and distribute non-subversive demo and test programs. Alternatively, you can add functionality to frameworks that almost suit the purpose and submit your patches back to the original maintainers.
This will save you work, although you may have to write "adapters" to be able to use someone else's library for your own purposes, it will increase reliability of your product, because the framework will have already been debugged by someone else and also tested under a wider variety of circumstances than it will encounter in your code, and you can concentrate your work on the particularly subversive parts.
Then you post only the "interesting" parts of your source code, and provide hyperlinks to the needed application frameworks in your build instructions. Be sure to include the version numbers needed for this build of your program, and if the sources to any of the frameworks are signed with a public key, include the key which those sources were signed with when you got them. That way you can be sure future programmers can rebuild the same program as you did.
It may well be that you have a large application but only a few source files and some build instructions to upload, which could be done off a floppy disk at a public access terminal. If you upload these to a few free webhosting service pages, then email the URL to a bunch of warez site maintainers, your code will be looked after.
Note: to find lots of warez sites (and even more serialz sites) go to Altavista, click on "Advanced Search" and enter:
Probably only 10% of the sites you find will actually have live warez (they get taken down quickly) but some patient hunting will find you any software title you want - but of course your objective here is to contact the warez site maintainers so they can introduce your program into their archive system.
Note that if you want to build a Windows application you can build it with Cygwin (a GNU shell environment for Windows including gcc) so you can be sure Microsoft doesn't embed Globally Unique Identifiers in your code. I'd also suggest that when you make a windows build, you buy a brand-new copy of windows 98 (pay cash), install it on a freshy formatted hard drive, build your binary, upload it, low-level format the hard disk you built it on and throw away the Windows 98 installation disk and all the materials that came with it. It's probably hard to get away with installing a development system on a public access terminal.
If you don't want to use a public access terminal (after all, you might be recorded on a surveillance camera, or the coffee shop waiters might remember you skulking around), then use Zero Knowledge Systems' Freedom to anonymize your web access.
Note that the way Freedom works is your HTTP packets are multiply encrypted with the public keys of the Freedom Network's servers, then "unwrapped" one by one as they pass through up to three servers until they are passed unencrypted to the public net at a faraway place.
Freedom provides both anonymous web browsing and anonymous email send and receive.
While all free software provides it source code, not all programs provide source code that is suitable for use as libraries. Unless you want to go to a lot of extra trouble, it's probably best to look for ready-to-use libraries that are packaged as such, rather than trying to extract code from a complete program. Unless the original application developer went to extra trouble to make components of his program able to stand on their own, it is usually difficult to extract parts of a program out and use them as a library, except perhaps for little snippets.
On the other hand, when you write new code, it is definitely worth while to snip out little bits and make sure that they will compile and run on their own, or depend only on other readily available libraries. That way you can create a library yourself.
The book More C++ Gems has some articles on Large-Scale Software Architecture that discusses reducing cyclic dependencies in software projects, in part so that the projects can be rebuilt faster but also so that they can be unit tested in smaller parts and the parts can be extracted out and reused in other programs - although the claim is often made that object-oriented software is more reusable, this claim is baseless unless good engineering practices are observed.
Slashdot Mirror
My algorithm was lossless and what strikes me the most is the speed - my algorithm was notable for the speed of decompression, and we used it in particular just because it was so much faster than GIF, which was a significant advantage when you were scanning through lots of images on CDROM. While I only implemented it for 8-bit indexed images I felt it would likely work fine for any bit depth or color space.
Medior was later purchased by AOL and renamed to AOL Productions. I think AOL Productions isn't around anymore but lots of old Medior people still work for AOL, for example former Medior President Barry Shuler is a high-level exec at AOL.
Basically, my invention worked by dividing the image up into lots of little subregions and encoding each pixel in a given subregion in the minimum number of bits required to encode the number of colors that occurred in that region.
For example, in an image that was black on top and white on the bottom, I'd have two subreqions with zero bits each and a single element color table that was either black or white.
If it was snow - black and white pixels randomly intermixed - the whole image would be one bit with a two-element color table containing black and white.
The big trick was to divide the image in a good way, in such a way that the whole image was reduced the most and the size of the data required to reconstruct the regions wasn't too big. In practice I found it worked OK to start with lots of small fixed-size squares then merge adjacent squares that had similar color schemes.
I wrote a document for Medior that described what I invented in great detail and what I predicted this could be made to do. What I actually got it to do in practice was not nearly what it was capable of, but this was because of the limited time available to implement it.
Michael D. Crawford
GoingWare Inc
No, this is not spam telling you how to get rich quick stuffing envelopes.
There's more to it, but one of the essential things you need to know is how to find clients. It's easy to do, using the web. Please read:
Market Yourself - Tips for High-Tech Consultants
A business tips from GoingWare's Bag of Programming Tricks. You'll find other helpful articles there on the business and technique of computer programming.
The result is that it is very difficult for the developer to bring the product out on a competing platform, and it discourages users from moving to a different OS when they feel the vendor isn't serving their needs (because they can't get the solutions to their problems).
If the developer doesn't want to deal with the OS vendor anymore, he's really got a problem - either suffer under the vendor's thumb, or make a great deal of personal sacrifice to move to a different operating system.
I was sick of Apple so I wrote I'm worried about my future. That's why I'm a Be developer.
And in fact I shipped (and still do support) on of the first commercial applications for the BeOS, Spellswell from Working Software.
Nothing Be ever did made any sense, and while there are individuals at the company that I regard highly, on the whole I felt the company to be uniquely unresponsive and incompetent.
And just when they were showing some promise of shipping enough BeOS installations that I had some hope of making more than the measly couple hundred bucks I'd earned in royalties in the three years I'd been working on Spellswell, they announced a "change in focus" and said they weren't going to support the desktop anymore, except for the extent necessary to use it as a development platform for their new Strategy Du Jour, Internet Appliances.
After I posted on BeDevTalk that Some of Us Work for a Living, the moderator told me he was fed up with a developer who was trying to discuss business issues of concern to Be's third-party developers on Be's third-party developer mailing list. That was my last message to bedevtalk - he unsubscribed me.
I've been working on a really challenging C++ application for a few months, and after reading C++ Answers with Bjarne Stoustrup I got excited about really digging into the basics of programming - but from the perspective of a developer with 13 years of work experience and a lot of shipping products.
I bought a few books, mostly on C++ and also hit some websites and newsgroups, and I became a much better programmer as a result. And I really felt that I did better to spend my time on core architectural and language issues rather than dealing with OS-specific nits or tool issues. And so I wrote Study Fundamentals, Not APIs, Tools or OSes.
So this brings me back to being used by operating systems vendors to serve their material needs at my expense and the cost of much personal pain. If you become a better programmer by learning the basics better, to can fluidly go from OS to OS without much of a learning curve.
But there's the problem that you have to use some API to code your application to, and while Java claims to be "platform-independent" it is really a proprietary platform in itself - just try making use of platform-specific code in a Java application, yes you can do it with the Java Native Interface but it is difficult and an assault on the Java developer's senses to write a dll in C or C++ to load into the runtime.
So what you really need is a cross-platform application framework that you can write in with a language such as C++, that comes preconfigured with easy-to-use preprocessor symbols so you can drop into OS-specific code at your whim, and will compile from a single sourcebase to native machine code for multiple operating systems.
Funny that, since December '99 I've been writing a multithreaded special-purpose graphics editor that is also an HTTP client with just such a cross-platform application framework. I can develop on Mac or Windows as the need suits me and switch back and forth at a moments notice (especially now that I've got filesharing between my machines). My client only asked for Mac and Windows versions but I could port to BeOS or Linux in a few days. The framework is called ZooLib.
It was written by my friend Andrew Green of The Electric Magic Company, originally to insulate himself from Apple's API nonsense. (Do you remember when all progress on developer tools at Apple and Symantec stopped while they went off into the sunset to develop Bedrock, itself a cross-platform application framework and an immense investment of time and money - and then abandoned it? If it hadn't been for then-tiny Metrowerks Apple would have gone out of business after shipping the first PowerPC Macs, because there would have been no native PPC compilers.)
He felt that if he could code to his own layer and Apple changed their API, he'd just have to reimplement the OS-specific layer and he'd be working again. But then a little more work and he'd be cross-platform...
If you click that link today you'll just get a placeholder page. But just wait a few days...
(For practical reasons the source itself, mailing lists and so on will be provided at http://zoolib.sourceforge.net/ once it's released.)
While ZooLib is to be newly released to the public it is not new code. It has been in use in commercial products for about five years - and in development in my own since last December. Part of why Andy gave me the code and I've been working with it is to give him meaningful architectural feedback and detailed bug reports so he can prepare it for public release.
I've been urging Andy to release the source as-is for a couple of years but his standards are incredibly high for a programmer. Andy's code doesn't just work, it is correct.
Andy spares no effort or time to fix the smallest problems (this is especially important in multithreaded code - think about reference counted smart pointers that are operated on by different threads, as you can do with Zoolib), and part of why he's been delaying the release is to improve the overall architecture.
For more details, including relevant quotes from Judge Thomas Penfield Jackson's Findings of Fact and Final Judgement discussing why Microsoft felt it was more important than anything to suppress cross-platform API's, such as Netscape plug-ins, Java, Intel Native Signal Processing, Lotus Notes, Apple Quicktime (runs on Windows too!) and RealNetworks' multimedia technology, please read my early draft of:
The Cross-Platform Manifesto
Thank you for your attention.
Regards,
If you want reliable email, it is important that you own your own domain name. If you want email to get to you easily and reliably, then it's important that the domain name be easy for people to remember and to spell, even when you've just spoken it to them over the phone. (Note that while my business name is GoingWare, Inc. I've also registered goingwhere.com and had Seagull alias it to make sure people can find me.)
You think your Yahoo or Hotmail account is reliable? Guess again. How many big companies have tanked in the last few decades? What if yahoo decides it's not worth their while anymore to provide email service, even if you want to pay for continuing to have the privilege of having the same email address for the rest of your life.
I was proud to be one of the first customers for Scruz-Net - until they went down for a week just after I started my consulting business!
And they've been bought out more times than I can count. I keep my old ISP account there mainly because I haven't moved all my web pages yet, but periodically I download all my email from there and pick the real mail out from the spam and send them a message asking them to use my new permanent emails, either crawford@goingware.com or michael@geometricvisions.com.
I've also got a few pages on scruznet that I feel are important for people to be able to find in the distant future, so I'm slowly going through my old site there, moving the pages to one of my own domains, and putting a page in the original's place with a META REFRESH tag and a note. But the problem is that some sites have permanent links to my scruznet pages embedded in their databases that I've been unable to get them to correct.
In the long run, I'll close my account at Scruznet and they say they will redirect accesses to my old site to a single, fixed URL but people may not be able to find what they're looking for.
As I emphasize in Market Yourself - Tips for High-Tech Consultants, it's important to own your own domain name not just to maintain a professional appearance and so your customers can find you, but everyone should own their own domain name so they can have a permanent address.
If you own your own domain name and your service should go bad, you can relocate it to another provider and be up in a few days. Mainly you just have to wait for the new DNS to take effect.
(For other helpful programmer's tips (mostly technical) see GoingWare's Bag of Programming Tricks.)
An added benefit of owning your own domain name is that you often get what are incorrectly termed "postmaster" email addresses. With these, any mail sent to anyuser@yourdomain.com will be delivered to your mailbox. You can combine this with filtering email clients to suppress spam. You still have to download the stuff but what you do is sort all of your legitimate mailing list mail into separate mailboxes, and mail addressed to your real name into the main mailbox you read, and leave everything else in your inbox.
Then if you need to give a website a valid email address, say to allow them to send you a password, you give them the email theirdomain@yourdomain.com.
If they sell your name to a mailing list at least you know who's done it. For example, this is the way that I know that Citibank is using the email I used to log into my cardholder webpage to access my account - I've only used that particular email for that one page. But Citibank is now sending spam to this address asking me to sign up for their card! How dumb can they get!
If you really don't care whether an email address should last, as when signing up for a web page, this is when you really do want to get yourself a Yahoo or Hotmail account. That way their servers can handle all the spam and not yours.
The BeOS Tip Server page on doing POP with SSH is at Secure Email Download with SSH. Note that POP exposes your password unless you use port forwarding with SSH as I describe (or some more advanced download method). Don't think you're super-cool if you SSH to do your shell access but then download your mail with plaintext POP!
Finally, seagull allows you to install your own CGI's that you can get wherever you want or you can write them yourself with the full set of Linux developer tools they have on the servers - so you can write CGI's in C++ rather than Perl, if you'd like.
Also, I just have their "Lieutenant" hosting for $20/month, they have other options for higher prices such as root FTP server and SSL web page service as well as paying for high traffic so you can run a commercial site there.
Whenever anyone asks me for a hosting recommendation, I always recommend Seagull.
No, Seagull is not an ISP. While it would be nice to have a secure ISP, you're better off using any random joker for your ISP, owning your own domain name so you can relocate it in the event your service tanks (I discuss this in Market Yourself - Tips for High-Tech Consultants) and accessing the hosting service via SSH and SCP (secure copy). Note that it does no good to only use SSH - you have to use SCP as well.
Here's a sample SCP command line, in case you can't figure it out, it's very simple but I had a hard time from the man page:
scp foo.bar crawford@www.goingware.com:.
The above places file foo.bar in the home directory of user crawford on www.goingware.com.
scp crawford@www.goingware.com:web/index.html stash
This copies index.html from directory "web" on www.goingware.com and places it in directory "stash" on the local machine.
Please read my web page on Why You Should Use Encryption
Besides being a good service, it's a small enough company to offer personal service. I've sent support email to the webmaster at 2am his time and had the problem fixed and the mail answered within the hour.
But even though it's a small service, it's not a low-quality service. They have high-performance machines, they are in a good colo facility with a high-speed connection to the backbone, they upgrade their service regularly and the webmaster, Paul Celestin, is just a damn nice guy.
I'm not sure if he still publishes it but Celestin used to produce a CDROM full of useful free source code for the Macintosh. Some of my own Mac open-source programs were on it.
These are the sites I personally have located there:
- http://www.goingware.com/ - My consulting company, GoingWare Inc. My livelihood depends on the reliability of this site.
- http://www.wordservices.org/ - Seagull hosts this public-service site for free in exchange for me placing a small banner ad on some of the pages
- http://www.geometricvisions.com/
In addition, my wife has a couple sites on Seagull through my account, and my friend Andy Hasse used to host http://www.williebrown.com there (yes, if you live in San Francisco you might remember that Hasse was a consultant to mayoral candidate Clint Reilly when the Brown campaign discovered Andy owned the williebrown domain.)I have a couple tips for you on checking email. I use PGP when I'm trying to be secure, but it's really not that much that I really care for complete security. But I just don't like people snooping on me, mostly I think it's none of their damn business what's in my mailbox even if it's spam.
So mostly I read my email at seagull using elm while logged in via SSH, and when my mailbox gets big, I move it to my home directory and copy it to my home machine via SCP:
goingware$ cp /usr/spool/mail/crawford ~
goingware$ echo "" /usr/spool/mail/crawford
back on my home machine:
C> pscp crawford@www.goingware.com:crawford .
It is also possible to download your email via POP with SSH via port forwarding. I describe this on the BeOS Tip Server. It doesn't seem to be responding right now but if you go to its search and enter "ssh" you'll find the tip I submitted called something like "Secure email download via ssh". The instructions have some BeOS specific items but most of what's there will work on any systems.
Don't have SSH? Try one of these:
The whole reason I wanted to buy those two Ultra160 hard drives was because I wanted to use them in my work. One for use in a high-end Linux server, and one for use in a Mac 8500.
I couldn't find such drives in St. John's Newfoundland, or a SCSI Ultra160 controller (to be fair, I did get my 39160 controller from Insight, although it still took several weeks).
I didn't want to run an e-commerce site. I just wanted to have fast machines for use in my office. The Linux server was going to serve source code via Samba to a Mac and a Windows machine, to enable simultaneous cross-platform development.
To make matters worse, I wanted to use the Ultra160 drive on a SCSI-2 50 pin single-ended bus. You can do this - see http://www.scsifaq.org - but you need a 68 conductor to 50 conductor adapter which terminates the high byte in the manner specified for Ultra160.
Just try finding one of those in Canada! I ordered it from California from one of the cable vendors listed in the SCSI faq.
With all the little components I was wanting, as well as technical books (Chapters in St. John's is decent, but not as good as a Silicon Valley bookstore), I was frequently being awakened from bed for weeks by the Purolator man delivering some widget or other for weeks after I moved to St. John's.
With Insight's interminable delay in getting my drives to me, and being able to locate a good dual-Xeon motherboard with the extra widgets for clustering ability (out-of-band control), I never did build my server.
And then when my Compaq 1800T laptop had power connector problems and wouldn't charge, Compaq wouldn't send the new power adapter to Canada, even though they have a Canadian subsidiary; it's a US only model that I bought in the US. I had to have Compaq express the new power adapter to my dad in Washington State, and he expressed it to me in Newfoundland, at a cost of $59 - coincidentally, the price of buying a brand-new power adapter.
It turns out that the new power adapter does not completely solve my charging problem, so I'm getting ready to contact Compaq about sending the CPU in for warranty repair. I'm figuring they'll tell me I have to ship it to my dad and then they'll have FedEx pick it up at his house. Maybe when I'm home for thanksgiving...
Now, these are annoyances for me, but multiply them across the whole nation of Canada and I think you have a serious impact on the whole Canadian economy. I'd never have stood for bullshit like this when I was living in Santa Cruz - there are too many computer dealers in the area and in nearby Silicon Valley for anyone to stay in business with such poor performance.
Yes, this is annoying for me but what if you're trying to set up a Canadian e-commerce site? Where do you get your components? Can't get them at the screwdriver shop around the corner like I could in Santa Cruz. SCSI? What's that? Don't even ask about Ultra160 SCSI. It's not just a matter of having to pay the brokerage and shipping fees - it's the time to wait for things to ship and to clear customs, in such a competitive world as the Internet economy, it is simply absurd for anyone to attempt to make a real computer business in Canada.
I'm sad to say it, as I love living here in Canada (for reasons unrelated to the computer biz here), but being unable to deal with business matters effectively such as the lack of components and the lack of access to technical information like well-stocked technical bookstores where I can actually go in and flip through the pages to evaluate a book, is a significant factor in choosing to move back to the U.S.
There are other reasons, but that's one of them.
Funny, I'd thought that being away from Silicon Valley might be a problem in terms of not being able to find clients for my consulting business, but it's not, I still get lots of work from the Bay Area and elsewhere around the world. It's the grunge work like putting together a new machine in a hurry when my main development machine (that laptop) is down that I'm not able to do effectively here.
Note that I was told my card had been credited about two weeks ago, and I've been checking with my bank every couple days to try to verify that, to no avail.
Well since I posted the above comment and forwarded the URL to the comment and this discussion to Insight Canada customer service, I received an email from someone in their credit processing department informing me that she just credited my card for CDN$1944.62.
Thanks Slashdot!
She said it would take three or four days for the credit to appear, but I will post a note here once the credit has actually appeared.
Also Overcomming (sic) Programmer's Block? (BTW - I submitted the article as "how to overcome programming stuckness?").
While I may have more to be concerned about since I have a mental illness, I find that dealing with moods and emotional concerns to be of profound importance in my work.
On the other hand, as I say in the Metro San Jose article that's linked to from above, one of the reasons I chose to be a programmer (or rather, continued to be a programmer after I'd been doing it for a while) is that I find that being symptomatic is rarely an impediment to working as a programmer - it is sometimes, but not all the time.
I ordered two quantum 10000 rpm SCSI Ultra 160 18 GB hard drives from them about five months ago.
Even though their US parent company listed those drives as in-stock, the Canadian subsidiary had to order them from a distributor and estimated they would take a month to arrive.
After repeated phone calls about where my disks drives were going unreturned, I gave up on ever getting my order. I figured they'd lost it. Finally after I moved out of my house in St. John's and left the country and was in the US again, they shipped the drives and charged my card. I'd long since spent the money on the card that I'd set aside for the drives, thus prompting a call from my bank's security department wondering where their money was.
Question - why did the bank authorize the charge when there couldn't have been more than 50 dollars in available room on the card?
What followed was days and days of struggling with Insight Canada to get my card refunded. Eventually my bank got tired of waiting and covered the charge just by taking the money from my checking account.
It's been two weeks since Insight Canada claims they refunded the money for those two very expensive drives, and my card still has not been credited. I check with my bank every couple of days.
If anyone at Insight is reading this and wants to investigate this, my sales rep is Jordy at x5087.
While I think the inspiration does go back to the white bikes of Amsterdam, the YNC FAQ says they're actually inspired by the Yellow Bike Coalition, which apparently did originally leave yellow bikes on the street, but now lends them for long term use.
Apparently the expectation that anyone could take a yellow bike often meant that someone who'd ridden to a friend's house or business would have their bike borrowed away from them when the left the bike unlocked to go inside.
Note that while I'm on their mailing list and I'm pleased to have donated hardware to the YNC, I don't run it. I'll try to start a chapter myself once I get settled but at the present time my life is in too much flux.
Inspired by the free yellow bicycles of Amsterdam (which you can just pick up on the street corner and ride around), the YNC takes donations of hardware, mostly old 486's, fixes them up, installs linux on them, and gives them away for free for use either as NAT servers and firewalls (so people may have multiple machines of any OS on a single network connection) and as Linux user workstations.
I gave my venerable old 486 to them. Like George Washington's axe, it started life as a 386, then got a new microprocessor, motherboard, CPU, case, memory and hard disk before finally going to the YNC.
Note that unlike some operating systems out there, Linux runs just fine on a 486 - I was using it as a web server on mine and could run the server and XWindows at the same time and never noticed any performance problems. Windows 95 was a dog on the same machine.
They also plan to build free internet kiosks in neighborhoods. You'd just be able to walk up to a weather-sealed machine and start browsing at no cost. I've heard the founder has one of these outside his house. What they'd do is hang off the DSL connection inside neighboring homes and businesses, perhaps through wireless.
They also give lessons on setting up firewalls and such, and go around giving public talks on their activities.
They have chapters in Santa Cruz and San Francisco, California, as well as Japan. I'll probably set one up in Maine if my home purchase there comes through.
http://www.zd net .com/tlkbck/comment/22/0,7056,99112-589101,00.html
Apparently the DMCA itself requires that notifications of violations of the DMCA must be made in writing with a "wet" signature, that is actually written by hand with ink. Email and fax is insufficient.
The fellow suggests that you post the following on your site as a legal notice to those who may attempt to contact you about material on your site that they claim infringes their copyright:
Procedure for Notifying Yourname.com of Copyright Infringement Claims
In accordance with the DMCA, copyright owners, or persons authorized to act on behalf of owners who believe specific Shared Content may infringe any exclusive right(s) of the copyright owner should notify Yourname.com's designated agent in the following manner:
Notices Must Be in Writing: Yourname.com must obtain all required information in writing in the form of a 'Notice of Copyright Infringement' ("Notice"). Telephonic, verbal or other non-written communications are insufficient under Yourname.com's policies and do not meet the requirements of the DMCA.
Content of Notice: Notice to Yourname.com must include the following information:
1. Identification of the copyrighted work that You claim has been infringed, or, if multiple copyrighted works are covered in the Notice, a representative list of the copyrighted works that You claim have been infringed using Yourname.com's services; 2. Identification of Shared Content, material or activity that You claim is infringing, that is to be removed or access to which is to be disabled. Such identification must contain information sufficient to permit Yourname.com to locate that Shared Content; 3. Your street and mailing address, telephone number and, if available, Your electronic mail address; 4. A statement by You that You have a good faith belief that the disputed use of the copyrighted material is not authorized by the copyright owner, its agent, or the law (e.g., fair use); 5. A statement by You, made under penalty of perjury, that all the information in Your Notice is accurate and that You are the copyright owner, or authorized to act on behalf of an owner of any exclusive right that is allegedly infringed by the materials referenced in Your Notice.
Notices Must be Signed: The written notice must be subscribed with the "wet signature" (no facsimiles, proxies or copies) of the copyright owner or of a person authorized to act on behalf of an owner of any exclusive right(s) that are allegedly infringed by the materials referenced in the Notice.
Delivery to Designated Agent: The Notice must be addressed and delivered via U.S. Mail, Express Mail, or Courier to Yourname.com's Designated Copyright Agent, as follows:
Copyright Agent
Yourname.com
Your Blvd
Your Town, State Zip Code
Your Phone Number
If You suspect specific Shared Content may constitute copyright infringement, but are not the copyright owner or authorized to act on behalf of an owner of any exclusive right(s) that You believe may be infringed, please notify Yourname.com at legal@Yourname.com. If You are not the copyright owner or the owner's representative, Yourname.com may not be able to remove the Shared Content. Yourname.com will attempt to investigate each report and forward each notice to the appropriate copyright owner, if identified.
What the enterprise customer does is set up an initial install with the OS and application and then clone it to new PCs with Norton Ghost. (I recently used the personal edition for $99 to back up a freshly installed dual-boot windows system and I think it's just dandy; now comprehends linux ext2 filesystems).
The problem is that if the enterprise customer bought the PC from a tradition Microsoft OEM, it will come preinstalled with Windows, and they'll be required to pay twice for it, as discussed at Paying Twice for Windows and Microsoft licensing deals confuse customers, study says.
Eventually Microsoft yielded somewhat, but only for the largest customers, as discussed in Commentary: Microsoft hasn't totally reversed its policy on fees.
This is a problem because traditional Microsoft OEMs are contractually obligated by Microsoft to install some operating system on every machine they sell. Microsoft claims that this is to cut down on piracy, but it has the added effect of discouraging people from trying out other operating systems.
The solution? Encourage the enterprise customers to purchase hardware with no operating system at all installed on it from OEMs that have no relationship with Microsoft. Then the customer can do their Ghost cloning without any worry about double license fees. This will work well both for the large enterprise customers that may have been helped by the minor adjustment in Microsoft's policy, as well as the smaller enterprise that were no helped out.
If you work for one of the traditional linux hardware vendors, I'd like to suggest to you that you view Microsoft Windows enterprise customers as a new market opportunity, not just to sell Linux to, but just to sell naked hardware to. If the hardware has no OS installed at all, there's no OS support issues to be concerned with, as there might be if you put some Linux distro on it.
Consider also that although trying to sell a machine bundled with Linux might meet resistance from a company that really does need its Windows applications to do business, selling naked hardware and emphasizing savings on Windows license fees is an easy foot in the door. Once you establish a rapport with the customer you'll have a better chance to upsell them to Linux.
Also consider that if Microsoft OEMs start losing significant hardware sells to folks like VA Linux Systems, Penguin Computing, Tuxtops and the screwdriver shops, they'll be a little more aggressive about getting Microsoft to back down on requiring an OS to be installed.
Of course, an alternative to the traditional OEM vendors is to just preinstall Debian and include a clause in the contract stating that the preinstall OS software is not supported by anyone. That just pretty much screws Microsoft up the Yin-Yang.
I think it would be helpful to have a central website devoted to reverse engineering tools, as well as archives of legal documents, tracking reverse engineering news developments, discussion forums for trading tips and so on.
Anyone want to set one up? I don't really have the time right now but I could contribute expertise and code.
What would be a good domain name?
Or are there any sites like this already? Certainly there must be sites that contain bits of what I propose - but what about a full-fledged reverse engineering archive and portal.
Better not physically locate it in the US!
Dear Sir or Madam,
I have archived my previous letter in which I discussed the way I was advising others to avoid Motorola products here:
http://www.goingware.com/mani fes toes/motorola.html
and will continue to widely inform others of the URL widely until Motorola puts a stop to practices such as this.
Regards,
Michael D. Crawford
I'm a reverse engineer. The very first contract job I did when I started my new consulting business was to reverse engineer the file format for a project management database used by the motion picture industry.
My client, Graphical Planet, wanted to make a product that would interoperate with Movie Magic Scheduling. Only the Movie Magic publishers wouldn't tell them how, and in fact were quite unfriendly towards them.
We initially agreed that I would complete the reverse engineering in a week and be paid $1500.
It actually took me three weeks, and was some of the most difficult work I have done as a programmer - while it was interesting, it was mentally painful, like cracking an enemy code. Perhaps what made it worse was that I desperately needed the money and only would get paid if I succeeded.
In the end I was able to write up a detailed file format specification document, and I also wrote a C program that would dump the contents of a MM project file into a human-readable text file. I successfully tested it by dumping out the full project file from an actual full-length motion picture.
How did I do it? I created lots of little sample files, for example, my first document I added only the letter "A" in one field, then made a second, where I changed that to the letter "B". I made hex dumps of the files and then compared the hex dumps. A lot of the work went into trying to find the best kind of files to make for my testing.
I want to point out that, until the DMCA reverse engineering was always perfectly legal in the US, and in fact state trade secret protection laws specifically grant reverse engineering an exemption from trade secret protections.
Even now, most things are still legal to reverse engineer, and I think it is likely that the DMCA will be found unconstitutional - or some applications of it will be, for example the Content Scrambling System is clearly a violation of well-established antitrust laws.
One of the reasons that reverse engineering is legally protected, I understand, is that it is not the public's objective that novel inventions be kept secret.
What the government would prefer a company do if it wants to have a monopoly over an invention is to apply for a patent, because part of the patent application is a full disclosure of the invention (sufficiently detailed that some one expert in the art could reproduce it), and then the monopoly is granted for a limited time.
Twenty years may seem like forever in high-tech, but keep in mind that the monopoly does eventually come to an end. This is why we have generic drugs, for example, and also not that the patent on RSA public key cryptography, the basis of PGP encryption and the SSL or secure socket layer, used for https secure web pages, expired in September of this year.
First I'd like to suggest that some big motorola customers get together and visit an attorney and have them write up a contract. This contract will state that, in return for purchasing products from a Motorola dealer, the dealer agrees to hold the customer's demographic information confidential, and forbid it to be shared with any third party - specifically name Motorola, but also say any third party.
If the dealer won't sign, ask them if they carry any of Motorola's competitors' products, and buy those instead. Alternatively, shop around for Motorola dealers willing to sign.
Rememeber, your information is your information, and while there may be no law to protect you, if the dealer signs such a contract, then you have civil law to protect you.
When such a contract has been drafted, put it on a web page and distribute the URL widely so that all Motorola customers may benefit.
Secondly, keep in mind that Motorola is a huge company. They have interests around the globe. Interested in buying a Mac? Print out the ZDNet article and bring it with you to the Apple dealer. Tell them you want to look inside the case of the Mac you're considering purchasing. Tell them you'd be happy to make the purchase if the PowerPC chip was manufactured by IBM, but you won't consider purchasing a Mac containing a Motorola brand PowerPC - the chip was jointly designed by Apple, IBM and Motorola and is actually manufactured by IBM and Motorola (multiply sourced). Second sourcing means you as a consumer have a choice.
Also look around you and think about what products you use that are made by Motorola. Do you do MacOS, BeOS, or QNX development? How about embedded or game consoles? Perhaps then you use Metrowerks Codewarrior for your development system (compiles for Windows too - I vastly prefer it to Visual C++ or Borland). Metrowerks is now a Motorola subsidiary. If so, drop a line to any contacts you may have at Metrowerks, give the URL to the ZDNet article, and ask them to let the folks they know at Motorola that this practice is unacceptible.
Do you actually design embedded hardware? Consider alternatives to Motorola products - again, IBM has some altnernatives - and let your rep at Motorola know that you're not going to be needing his services anymore - and tell him why.
Some links for you:
- The Electronic Privacy Information Center
- The Center for Democracy and Technology
- The Electronic Frontier Foundation
- JunkBusters
Tilting at Windmills for a Better Tomorrow.I used Eudora. Live Picture is just about done with its bankrupcy proceedings.
I'm afraid I didn't save the letter (which I think was one of the best things I ever wrote), but I remember saying that Live Picture was special because it provided quality technical employment in Santa Cruz County, but in Silicon Valley it would be just another software company in a sea of faceless companies stretching from horizon to horizon.
I copied the resignation widely throughout the company (including the president) three hours after the president announced plans for the move. Later that evening I began collecting URLs to list in the first version of the above-linked web page and a few days later quietly passed out the URLs to my fellow employees.
The president, (ahem) "resigned" after losing tens of millions of dollars.
Usually my very best emails are flames...
Or provided secure communications channels for reporting human rights violations from within repressive regimes?
Or suppose the software in some way helped promote meaningful political change in a repressive regime - and was developed within the territory of that regime?
No, really this is an important question and needs to be addressed in a serious way.
Market Yourself - Tips for High-Tech Consultants
Important Note to Recruiters and Contract Agencies
I get quite a few positive responses from other consultants from these pages - and rare responses from headhunters asking why I'm taking food from their children's mouths.
I don't have anything against recruiters who practice their business in an ethical way, but "ethical" no longer describes the standard practice of the headhunting business.
For example, one person who read my page wrote in to say that a recruiter had sent her to an employer's office for an interview, without the interview actually having been scheduled. She found out she was neither expected nor welcome after waiting in the reception area for 45 minutes. The recruiter had failed to secure an interview and hoped the employer would just feel sorry for the candidate and interview her anyway.
Of course, I have to say that I felt pretty secure in my career before posting these pages.
It's preferable if these are open source, but they don't have to be to suit your purpose; for example Metrowerks PowerPlant is the most popular application framework for the MacOS, and although it is a commercial product it is inexpensively available and when you do buy the Codewarrior development system you get the PowerPlant source code on the installation disk.
You can even develop an open source framework yourself and publish it openly, and invite in contributors publicly, and distribute non-subversive demo and test programs. Alternatively, you can add functionality to frameworks that almost suit the purpose and submit your patches back to the original maintainers.
This will save you work, although you may have to write "adapters" to be able to use someone else's library for your own purposes, it will increase reliability of your product, because the framework will have already been debugged by someone else and also tested under a wider variety of circumstances than it will encounter in your code, and you can concentrate your work on the particularly subversive parts.
Then you post only the "interesting" parts of your source code, and provide hyperlinks to the needed application frameworks in your build instructions. Be sure to include the version numbers needed for this build of your program, and if the sources to any of the frameworks are signed with a public key, include the key which those sources were signed with when you got them. That way you can be sure future programmers can rebuild the same program as you did.
It may well be that you have a large application but only a few source files and some build instructions to upload, which could be done off a floppy disk at a public access terminal. If you upload these to a few free webhosting service pages, then email the URL to a bunch of warez site maintainers, your code will be looked after.
Note: to find lots of warez sites (and even more serialz sites) go to Altavista, click on "Advanced Search" and enter:
Probably only 10% of the sites you find will actually have live warez (they get taken down quickly) but some patient hunting will find you any software title you want - but of course your objective here is to contact the warez site maintainers so they can introduce your program into their archive system.Note that if you want to build a Windows application you can build it with Cygwin (a GNU shell environment for Windows including gcc) so you can be sure Microsoft doesn't embed Globally Unique Identifiers in your code. I'd also suggest that when you make a windows build, you buy a brand-new copy of windows 98 (pay cash), install it on a freshy formatted hard drive, build your binary, upload it, low-level format the hard disk you built it on and throw away the Windows 98 installation disk and all the materials that came with it. It's probably hard to get away with installing a development system on a public access terminal.
If you don't want to use a public access terminal (after all, you might be recorded on a surveillance camera, or the coffee shop waiters might remember you skulking around), then use Zero Knowledge Systems' Freedom to anonymize your web access.
Note that the way Freedom works is your HTTP packets are multiply encrypted with the public keys of the Freedom Network's servers, then "unwrapped" one by one as they pass through up to three servers until they are passed unencrypted to the public net at a faraway place.
Freedom provides both anonymous web browsing and anonymous email send and receive.
Some sources for open source libraries:
- Available C++ Libraries FAQ
- The Apache XML Project
- The Free Software Foundation software page
- Walnut Creek CDROM Free Software Archive
- SourceForge
- Freshmeat
- Gnome
While all free software provides it source code, not all programs provide source code that is suitable for use as libraries. Unless you want to go to a lot of extra trouble, it's probably best to look for ready-to-use libraries that are packaged as such, rather than trying to extract code from a complete program. Unless the original application developer went to extra trouble to make components of his program able to stand on their own, it is usually difficult to extract parts of a program out and use them as a library, except perhaps for little snippets.On the other hand, when you write new code, it is definitely worth while to snip out little bits and make sure that they will compile and run on their own, or depend only on other readily available libraries. That way you can create a library yourself.
The book More C++ Gems has some articles on Large-Scale Software Architecture that discusses reducing cyclic dependencies in software projects, in part so that the projects can be rebuilt faster but also so that they can be unit tested in smaller parts and the parts can be extracted out and reused in other programs - although the claim is often made that object-oriented software is more reusable, this claim is baseless unless good engineering practices are observed.