The modification date the script reported was correct, but the creation date the script reported was different from the creation date that doing “Get Info” in the OS X Finder reported. Hmm. Not good. I did some investigating.

Let’s look at a test file. The Finder reports the following creation and modification dates:
Created: Monday, April 10, 2006 17:04
Modified: Thursday, April 13, 2006 15:54

Python reports a different creation date and the same modification date:

>>> import os.path
>>> import time
>>> stamp = os.path.getctime('datetest.txt')
>>> time.ctime(stamp)
'Fri Apr 10 15:51:10 2009'
>>> stamp = os.path.getmtime('datetest.txt')
>>> time.ctime(stamp)
'Thu Apr 13 15:54:43 2006'

Hmmm. What does “ls” in the Terminal report? The standard “ls -l” reports creation date. Adding “-T” makes it report the full date in all cases. And “-c” counter-intuitively means “display modification date.”

$ ls -lT datetest.txt
-rwxr-xr-x@ 1 schof  schof  2448091 Apr 13 15:54:43 2006 datetest.txt
$ ls -lcT datetest.txt
-rwxr-xr-x@ 1 schof  schof  2448091 Apr 10 15:51:10 2009 datetest.txt

The plot thickens. The modification date matches the Finder and Python, but both Python and ls are reporting an incorrect (according to the Finder) creation date.

Quite a bit of Googling showed me the “mdls” tool — or “metadata ls.” Very useful. This shows the complete set of metadata for a file. Including the OS X creation date. Actually, two creation dates, one for the file, and one for the file content. (I’m not sure what circumstances would make those creation dates differ. The documentation I’ve been able to find has been unclear and contradictory.)


$ mdls datetest.txt
kMDItemContentCreationDate     = 2006-04-10 17:04:34 -0700
kMDItemContentModificationDate = 2006-04-13 15:54:43 -0700
...
kMDItemFSContentChangeDate     = 2006-04-13 15:54:43 -0700
kMDItemFSCreationDate          = 2006-04-10 17:04:34 -0700
...
kMDItemLastUsedDate            = 2009-04-11 11:48:03 -0700
kMDItemUsedDates               = (
2009-04-11 00:00:00 -0700
)


Now that we’ve got all that information, what does it tell us? The Unix/Linux standard for “creation date” is to show you the date on which a particular file was created. If you copy file “a” to file “b,” those are two different files, and the “creation date” for file “b” will be the date you made the copy.

OS X metadata travels with the file, so if you copy file “a” to file “b” using ditto on the command-line or using the Finder, the Unix creation date will be the date the copy was done, but the OS X creation date of file “b” will be the same as file “a.”

There’s good arguments for handling “creation date” the Unix way, and there are good arguments for doing “creation date” the OS X way, but mixing them as OS X does is kind of frustrating.

I’ve written a quick-and-dirty Python example script that reports the Unix creation date and the OS X creation date for any particular file. Since it’s released under the open-source MIT license, feel free to use it in your own programs. You can download it here: http://www.sudosu.net/getcreationdate.safe.

(Shortest review I’ve ever written.)

While I don’t agree with everything Joel has written, I find most of what he writes to be a clear exposition of common-sense approaches to managing software development. No BS, just simple stuff that works. A small percentage of “Joel On Software” is mind-changing, opening your eyes to new ways of doing things or new ways of thinking about old software.

Highly recommended.

Ssh-agent is a great program that lets you add the password to your SSH private key to memory, and then you don’t need to type in the ssh key passphrase every time. The basic usage is that you start BASH as a child of ssh-agent, and then use a program called ssh-add to prompt you for the password and store it in memory.

On OS X, there’s a GREAT program called SSHKeychain that handles this, storing the password in your OS X keychain, so it’s really seemless.

On Linux, you need to type in “ssh-add” manually every time you want to store the key, and after that your SSH sessions will be seamless.

However, I’m always forgetting to do that, and thus getting prompted for the password. Too many seams. I added the following code snippet to the end of my .bashrc file, and thus, every time I open a bash shell, it checks whether ssh-agent has any keys in memory. If it does, the shell starts as normal. If ssh-agent doesn’t have any keys in memory, it prompts you for the password. Simple, and as seamless as I can make it.

## Add key to ssh-add if it has not been added.

ssh-add -l &> /dev/null
SSHADDRESULT=$?
if [ "$SSHADDRESULT" -ne "0" ]; then
ssh-add
fi

UPDATE 2008-07-02: Here’s a much more succinct way of writing that:

ssh-add -l &>/dev/null || ssh-add

First, lose the headphones. That didn’t affect our decision at all, but I could imagine it affecting it at other companies.

Second, you’re obviously intelligent and capable. You messed up on the unit test, but I’m attributing that to interview nerves – I’m reasonably certain you could handle the technical demands of the job. But that’s only the first hurdle.

The next is personality and fit with the company — and this is a sticky one. In an interview, I’ve got about an hour to decide if you’re the kind of person I want to spend the next three or more years with, in relatively close quarters. Can you argue a position strongly, but lose gracefully? You may be right about the technical merits of something, but the business reality means we have to do something else — can you live with that? On a good day, we go two steps forward and one step back — bad days it’s one step forwards and two steps back. Can you deal with that frustration? I received certain cues from you — interrupting, hitting the table during the coding test, etc. — that you might have been hard to work with. Is that true? I can’t tell in an hour. But saying “no” to a candidate who would have been terrific is a smaller risk than saying “yes” to a candidate who turns out to be a bad hire.

I hope you appreciate my honesty in writing this, rather than brushing you off with “not a good fit.” I did so because I think your question about your interview performance is sincere, and I’m hoping my answer helps.

If it’s not obvious from reading the e-mail, Rands has been a big influence on my management style.

I need to start going to conventions, user group meetings, etc. — immediately I’m going to start attending the Los Angeles Linux User Group meetings and the local Python SIG. I’m not sure what else I’m going to do, but it’s becoming obvious that I don’t scale — that the long-term solution is NOT for me to increase my skills, as I’ve been doing, but to hire people who have the skills.

That said, in the short term, it’s clear that there’s three technical areas where I must improve my skills:

1. I need to be a world-class guru in apt-based package management.
2. I need to greatly improve my skills at low-level TCP/IP issues — packet captures, diagnosis of networking problems, etc.
3. I need to greatly improve my skills at dealing the Linux kernel, on all levels — compiling, kernel options, loadable modules & drivers, etc.

I guess it’s good to have a clear vision of where I need to go. Now I need to get there.

But in general, I’m finding SPBS both challenging and a hell of a lot of fun. It’s turning into a bigger project than I expected — or perhaps, a better way of saying it is that SPBS is slowly revealing its complexity to me. I could get this done a lot fast by adapting pyBloxsom. But where’s the fun in that? {grin}

I’ve written an introduction to SPBS, and the reasons I’m writing it here, at http://code.google.com/p/spbs/wiki/SPBSIntroduction

http://biowiki.sudosu.net

(I’m keeping the shitty first draft to myself, at least for now.)

python `python -c “import pimp; print pimp.__file__”` -i readline

Moral? If at first you don’t succeed, Google. If Google fails, try, try again.

Update: And to make forward-delete work, try this.

NOTE: I have only experienced this on the Vancouver Sun section of Canada.com. I’m currently out of different IP addresses to try. I’ll try again from home to see if the rest of Canada.com is infected.

How I found The Problem: I followed a link from Bynkii.com to a Vancouver Sun story that Bynkii discussed. My browser was immediately hijacked. I visited the site again, and found no errors. I then tried from a laptop connected to our company’s wireless network (completely separate from our internal network, and through a separate ISP) and saw the hijack again. That time I got screencaps. Visiting the site through the wireless again showed no problems, leading me to believe that this displays one time per IP address. Trying multiple browsers did not result in another browser hijack, and neither did clearing cookies, making me think it’s recording IP address and attacking once per IP address.

Details:

The first time you visit Canada.com, your browser will flash through a few redirects, and then the following popup will appear:

Note that hitting either Cancel or OK appears to have the same result — you can’t get out of there. Your browser will then appear to scan your hard drive for viruses. It’s all theater; it’s not actually doing anything at this point:

It will then pop up a message (in an Windows-style message box — not sure how it did that):

If you’re on a Macintosh, it will then offer to download an EXE file. I’m not sure if it will automatically download and run the file on a Windows machine, because I’m not about to try.

I uploaded the downloaded file to virustotal.com, and it found a variety of badness there, general consensus seems to be that this file isn’t so bad by itself, but will once installed download and install an additional slew of malware and trojans of unknown potency. (I was unable to find really definitive information about this file; I’m open to suggestions for better places to look.)

File Install-MnBhY2lmaWM-a2V5aW4-a2V5a received on 11.08.2007 03:28:07 (CET)

Antivirus	Version	Last Update	Result
AhnLab-V3	2007.11.8.0	2007.11.08	-
Authentium	4.93.8	2007.11.07	could be infected with an unknown virus
AVG	7.5.0.503	2007.11.08	Generic9.HLR
CAT-QuickHeal	9.00	2007.11.07	-
DrWeb	4.44.0.09170	2007.11.07	-
eTrust-Vet	31.2.5278	2007.11.07	-
FileAdvisor	1	2007.11.08	-
F-Prot	4.4.2.54	2007.11.07	W32/Heuristic-119!Eldorado
Ikarus	T3.1.1.12	2007.11.08	Virus.Win32.Renos.AE
McAfee	5158	2007.11.07	BraveSentry
NOD32v2	2645	2007.11.08	Win32/Hoax.Renos.PY
Panda	9.0.0.4	2007.11.07	Suspicious file
Rising	20.17.22.00	2007.11.07	-
Sunbelt	2.2.907.0	2007.11.07	-
TheHacker	6.2.9.119	2007.11.07	-
VirusBuster	4.3.26:9	2007.11.07	Trojan.Renos.Gen.2

Additional information
File size: 31288 bytes
SHA1: ef6fce7ad9a01d6cabb84bffc3bddee6f43bfe4e

I submitted this to the Internet Storm Center, along with a malware sample, and e-mailed webmaster@canada.com with a warning.

Update November 15, 2007: Wired just wrote about the issue; apparently it affects a number of different sites, as the hijack script was distributed via the Doubleclick ad network.

Update November 16, 2007: Wired wrote about the issue again, quoting me this time.

Some background: There’s a very useful website located at whatismyip.com, which reports the IP you used to connect to the site. If you’re on a computer behind a router which does NAT (Network Address Translation), you can’t find out what your external IP is by issuing commands on the computer. Your computer’s address is (for instance) 192.168.1.5, but when traffic reaches the router, the router translates (with NAT) your address to an external IP address, such as 34.23.64.9 (an IP address I just made up).

WhatIsMyIP.com (and other sites like it) sprang up to fill that void, and give you a simple way of finding out what external IP address you’re using.

Ubuntu Geek’s script fetches the whatismyip.com page with wget, parses it to find the IP address, and prints the IP address.

I tried it on my OS X box, and it didn’t work, because wget isn’t installed on OS X — but curl, a similar tool, is.

So I started modifying the script to use curl — and discovered an interesting comment in the source code to whatismyip.com’s page:

<!–Please set your code to scrape your IP from www.whatismyip.com/automation/n09230945.asp Please set your code to hit this page at a REASONABLE pace. For more info, please see our “What’s New” page.–>

Hitting that link gets you just your IP address, which has two benefits over Ubuntu Geek’s implementation — it means you have no parsing to do, and it gives a SIGNIFICANTLY lower load to WhatIsMyIP’s servers. (It’s rude to slam someone else’s servers with an automated script — even though a script that simply fetches a web page once doesn’t slam a server, 10,000 people running that script would.)

Here’s my take on Ubuntu Geek’s BASH script:

#!/bin/bash

echo -n “Your external IP Address is: ”
curl http://www.whatismyip.com/automation/n09230945.asp
echo “.”

For comparison’s here’s Ubuntu Geek’s original script:

#!/bin/bash

echo Your external IP Address is:
wget http://Www.whatismyip.com -O – -o /dev/null | \
grep ‘<TITLE>’ | sed -r ’s/<TITLE>WhatIsMyIP\.com \- //g’ | \
sed -r ’s/<\/TITLE>//g’
exit 0

Moral of the story? Always look for a simpler way of doing things.

There’s very little payoff in stealing 20 servers (the amount stolen in the recent robbery) for the hardware value — this is most likely about stealing the DATA on the servers. Most people in the market for rackmount servers wouldn’t buy them off trucks, and so you’ve got a crime with serious time and very little payoff if they were stealing hardware. I wonder how much valuable data (including credit card numbers) was stored on those boxes?

Eckels took umbrage at reports that their facility had been robbed four times in the last two years:

One of the biggest mistakes is that people are talking about four robberies. A robbery means than property has been seized through violence or intimidation. C I Host has technically only been robbed twice in two years. The other two were break-ins where things were stolen, but not robberies.”

Umm. That doesn’t exactly make me feel better. Although the facility’s staff probably prefer the burglaries — their night manager was repeatedly tasered and “struck with a blunt instrument” during the most recent robbery.

• Consumating.com: Free site. Lots of hipsters in their 20’s. Not a lot of women in their 30’s. Has a fun, quirky vibe that makes it a kind of fun site to hang out on, but not terribly useful as a dating site. Everyone gets a numerical rank based on their points. (I have 29 points, which puts me in 4348th place.) Relive the unpopularity of high school, electronically. (For some reason they didn’t use that as their slogan.)
• OKCupid.com: Free site. Another fun site with lots of games, quizzes, and etc., both created by editors and by other users. Slightly more oriented towards dating than Consumating, but just as filled with 20-somethings. Less of a “cooler-than-thou” vibe than Consumating. The site “gets to know you” by asking you hundreds of multiple choice questions submitted by users, and attempts to match you with people who have similar answers. Not very successfully, in my experience.
• HotOrNot.com: Pay site. Triumph of the shallow. It’s all about the pictures. You get less than a paragraph to describe yourself, and the user base does not seem terribly literate. Again, mostly people in their teens and early 20’s. HotOrNot started as a site where you rate people’s “hotness” on a scale of 1 to 10, 10 being highest. I signed up for HotOrNot in order to find out which of my photos were considered “hot” (or “least ugly”) so that I could use the higher rated pics on other dating sites. For that purpose, I highly recommend HotOrNot (and that part is free), but as a dating service, HotOrNot was an “eh” for me.
• Impersonals.com: Free site. Honestly, by far my favorite of all the dating sites, at least as far as user interface and functionality. And the questions they ask produced my favorite of all the profiles I’ve created. A really cool site, without a lot of BS, and with a good feel to it. The downside: At least in my area and demographic, very few people. And very few additions — it seems to be foundering. I’d LIKE to like Impersonals — but there’s just very few women (of any age) in my area, and most of them are in their early 20’s.
• PlentyOfFish.com: Free site. The MySpace of dating. Meaning it’s phenomenally popular, and phenomenally ugly. Good Lord, it’s ugly. If you care about user interface, web page aesthetics, or design of any kind, this site will make your eyes bleed. (As an example, they don’t crop pictures to squeeze them into a box, they just squeeze the picture into a box — so everyone looks either anorexic or like a sumo wrestler, depending on the aspect ratio of the original picture.) Still, it has the largest user pool of any site I’ve tried yet, and the users seem to include all ages. (I’m perfectly willing to date a brilliant and mature 18-year-old — but I think the odds of finding someone I’m compatible with are much better for women less than five years older or younger than I am.)
• Gk2Gk.com (Geek 2 Geek): Pay site. Decent enough dating site — not as gimmicky or Ajaxy as OKCupid or Consumating — fairly standard, in fact, with the exception that the people on it are explicitly looking for geeks. Since I am one, this site goes high up on my list. Niche dating sites are apparently a big draw these days. The matching is no more effective than on any other site — perhaps less so for me, because although I’m a computer geek, I’m not most other types of geek — and almost all of the questions are related to zeroing in on what geek hobbies and/or obsessions you have. Geek 2 Geek has one annoying quirk: If you edit your profile (even changing one character in the title), then people are not able to view your profile and you’re not able to send a message to anyone until your profile has been approved by Geek 2 Geek staff. Geek 2 Geek does generally approve your changes within 24 hours (even on weekends) but it’s still an annoying bit of suckage. (Unlike every other pay site listed here, Geek 2 Geek will NOT automatically renew your subscription — which is a nice bit of class.)
• Chemistry.com: Pay site. A service of Match.com, Chemistry attempts to do a “scientific” analysis of your personality, and match you up with compatible people. Their advertising targets eHarmony.com, a similar site that has some pretty distasteful limits. (For instance, eHarmony won’t serve gay people.) I have my doubts as to how effective the matching is, but the user-contact system they put in place seems to work very well. You get up to 10 “matches” a day, assigned to you by the system. If the system doesn’t assign you a match, you can’t look at them. (This is why I haven’t posted a link to my profile — as far as I know, I can’t.) You tell Chemistry if you’re attracted to each of the matches. If you say you are, Chemistry lets them know and lets them state whether they’re attracted to you. If they’re not interested in you, their name silently falls off your list of potential mates. Because of this, this is the first site I’ve seen where women will initiate contact with men in significant numbers. (On most other sites, the guy has to send the first e-mail — the sites let women initiate contact, it’s just that societal norms of men initiating contact in meatspace exist on dating sites as well.) Once you both agree that you find the other interesting, you answer some fairly meaningless questions about the importance of various personality traits by moving sliders to indicate importance. The other person does the same. Then, if both parties decide that the sliders match up enough, you take it to the next level. (I say the sliders are meaningless because — I mean really, if I rate “sense of humor” as important and she doesn’t, I’m not going to reject her. I’m going to try and find out if she laughs at my jokes and can make me laugh.) At the next stage, each party chooses two questions (from a list of a few dozen, or write your own) for the other party to answer in paragraph form. Each party reviews the other’s answers, and decides whether to take it to the next level, which is e-mail. After e-mailing back and forth, you can decide whether or not to meet in person. As I write this, it sounds HORRID — but perhaps because I’m a socially awkward geek, this computer-mediated dating really seems to work very well. It takes some of the initial awkwardness out of the introduction — and dating, online or in person, is awkward enough as it is.

Well, there’s a standard way of doing that in Linux/Unix, called setuid. You set the “setuid bit” to on, and the program will run as the owner of the program. So, since it’s owned by root, a regular user can run a particular program, and have that program run with the permissions that root has. Very handy.

But I couldn’t figure out why the program was not being installed setuid root. I could see in the postinst script that the command was valid. I could cut-and-paste the chmod line (that set the setuid bit) from the script to the command-line, run it, and it worked perfectly. And there weren’t any other commands in the postinst script that affected permissions (the setuid bit is a permission bit) for that file.

However, there WAS a chown command later in the script. (It started in a parent directory and recursed into the directory with the C program I was dealing with.) Eventually, I narrowed it down to that chown line, and once I saw chown was the cause, I guess it sort of made sense. I was able to reproduce the problem by chowning a file after setting the setuid bit.

I guess from a security standpoint, you could do a lot of stupid things by setting the setuid bit (making a program operate as the owner of the program) and then changing the owner. So, to prevent you from shooting yourself in the foot, changing ownership of a file unsets the setuid bit.

Still, this seems somewhat counter to the philosophy of Unix — first, to not do unexpected things, and second, to give users approximately an order of magnitude more rope than they’d need to hang themselves. I can’t think of many other commands that silently prevent you from doing something that MAY be stupid. Unix usually assumes that you know what you’re doing — even to the point that you can enter a command to delete every file on your hard drive, and Unix will happily delete all your files without asking for confirmation. The fact that chown has this behavior was NOT obvious to me.

(This is a highly technical rant, and I’m writing it late at night after coding for a while — if it doesn’t make any sense, it’s probably me, not you.)

(As it turns out, xkcd doesn’t mind when you use their content in a blog. See “Can we print xkcd in our magazine/newspaper/other publication?“)

I don’t have the rights to copy it, and it’s generally rude to hotlink someone else’s images, so you’ll just have to click the link to see it. But it’s worth it for a real belly-laugh of geek humor.

So last night, and this morning, I did a complete, from-scratch build out on this iMac. I’ve been building up a list of the software I need to get a base level of functionality on a new OS X box. They are ordered largely in the order in which I installed them — which is why QuickSilver is first; it’s far too painful to work on a box without QS installed. I’ll post more about WHY these apps are so important to me if anyone is interested.

• QuickSilver
• Google Notifier
• Firefox
• Firefox Extensions:
  • BugMeNot
  • BookMark Duplicate Detector
  • Foxmarks Bookmark Synchronizer
  • TMobile (USA) Minutes Used
  • Greasemonkey
  • GMailSecure
• Yojimbo
• TextMate
• Twitterific
• OmniOutliner Pro
• OmniGraffle Pro
• OmniFocus
• VPNTracker
• Microsoft Office 2004
  • Microsoft Remote Desktop Connection Client
  • Excel
  • Word
  • Powerpoint
  • Not Media Player or Entourage
• Adium
• Growl
• SSHKeychain
• Now Up To Date & Contact
• MouseLocator
• Microsoft Intellipoint Mouse Driver for the Microsoft Intellimouse Explorer 4.0 (My favorite mouse.)
• wClock
• AppleJack
• TextExpander
• Delivery Status Widget
• DashboardStarter Dashboard Kickstart
• StopIt (Dashboard Timer App)
• Shuffle Saver
• Flash Player

I don’t understand this continuing obsession with buying things that you need to break before they do what you want. It’s not just the iPhone; people did the exact same thing with the AppleTV too… I thought the big draw for Apple hardware was that “It Just Works.” By breaking it, you must know you’re giving up the “Just Works” factor, so what’s left? Rounded corners?

My current theory is that it’s some twisted form of wish fulfillment. “I wish this company understood the value of openness, but they don’t, so I’m going to keep buying their closed, crippled shit until they get it.” Yeah, let me know how that works out for you.

Talking about a software development schedule more than a year out is like talking about where we go after we die.  Everyone has some idea where we’ll end up, but those ideas differ wildly, and there’s a lack of solid evidence to support any of them.

(Via)

Here’s my bug report: (with e-mail addresses slightly mangled for publication)

WHAT I DID:
1) On Edit Profile -> Contact page, selected “Add / Remove E-mails.
2) Hit “Change” under “Contact E-mail.”
3) Select the “New Address” box and enter “root at sudosu dot net”
4) Click the “Change Contact E-Mail” Button.
5) Enter my password and click “Confirm.”

WHAT I EXPECTED TO HAPPEN:
1) I expected Facebook to e-mail a confirmation message to
root at sudosu dot net.

WHAT ACTUALLY HAPPENED:
1) Facebook responded with “Please enter a valid email address.”

WHY THIS IS A PROBLEM:
1) root at sudosu dot net IS a valid e-mail address, and is my primary
personal address. People searching for me will use that address, and
will not be able to find me.

And their response:

Hi John,

Unfortunately we do not support email addresses with generic
prefixes like the email you have listed (i.e. info@, webmaster@, root@
etc.). You will need to use a personal email address that does not
contain this type of prefix. Since email addresses of this nature are
typically used for organizations and businesses, we do not allow them
to be used for personal Facebook accounts. There are no exceptions
to this rule. We sincerely apologize for any inconvenience this policy
may have caused you.

Thanks for contacting Facebook,

Landon
Customer Support Representative
Facebook

So Facebook knows me by my jschofield at gMail address. I hope this doesn’t prevent people from finding me on Facebook.

On the call we had a member of the client’s IT staff (at the corporate office), a member of Dakim’s support staff (on-site at the client location, which is not the corporate office), myself, and two different members of Secure Computing’s Sidewinder support team. (The first one’s shift ended, and he transferred us to a different tech.)

Let me say first off that I was TREMENDOUSLY impressed with Sidewinder’s support. (I hadn’t been familiar with their products before this.) Both techs were ninjas, and we started speaking with them after about 30 seconds in the hold queue.

After we’d been on the call for a while, we were able to rule out Sidewinder as a part of the problem, and the Sidewinder tech got off the call — and a short while later, we ruled out Dakim’s [m]Power and Dakim’s servers as part of the problem — it was a problem with the client’s network config. We stayed on the phone with them and on-site, troubleshooting until we were able to diagnose the issue and tell the client exactly where the problem was.

This was absolutely a money-loser for Dakim, and economically a bad decision — between the remote tech and myself and drive time, this cost Dakim between 12 and 14 person-hours, for a problem that turned out not be our responsibility at all — but I really like working for a company that provides that kind of customer service. There wasn’t anybody looking at us and tapping their watches — from the CEO down we know the costs of this kind of support, and we still want to provide it. I feel good about that.

But then came Mark Pilgrim, and my introduction to Unicomp. I now have a $70 Unicomp keyboard at home and one in the office, and it’s GOLDEN. It’s like typing on chocolate. (But, you know, without the mess. And with clickiness.)

But the click is much more than JUST the sound — the reason I love these keyboards is the tactile and audio feedback I get when I type. You KNOW when it’s registered a keypress — something that you do NOT know instantly on a mushy keyboard.

It’s loud, though. My computer is in my bedroom, and my girlfriend can’t sleep when I’m typing, even with earplugs.

All of this, by the way, leads up to my puzzlement about an article in TidBITS. Apparently the author is a big fan of clicky keyboards, but rather than get one, he’s raving about a software utility that clicks the speakers every time you hit a key.

I can see — sort of — why you’d want that, but as the owner of a Unicomp keyboard, I get to look down on that sort of kludge. Seems to me you’re missing out on the best part of the keyboard (the tactile response) and emphasizing the sound, a less important part of why the keyboard works so well. (Although, I must admit I like it when I’m on a roll typing and it sounds like I’m operating a chainsaw.) Still, there’s not much you can do about tactile response in software — this may be the only part of the problem they could fix.

If you see “https://” in the address bar, that connection is generally secure. In many cases, you can make an insecure connection secure by adding an “s” in the address bar and hitting “enter.” (Whether or not it works depends on the site’s web server configuration. Some aren’t set up to support secure connections.)

Google redirects you to a secure https connection while you’re logging in, but sends you back to http for everything else. So if you use Google Mail (aka gMail) without doing anything to secure it, any eavesdropper can read all your mail. This is not a huge problem on a wired connection, but if you’re using any kind of wireless connection, you should be concerned — and if you use an open wireless connection, you should be alarmed.

The “add an ’s’” trick doesn’t always work with gMail, as I’ve noticed it switching back to http seemingly at random.

You can get around this by bookmarking https://mail.google.com/mail — if you start there, Google will leave the entire session protected.

Another solution is Mark Pilgrim’s Grease Monkey extension to Firefox, GMailSecure. It automatically redirects from http://mail.google.com to https://mail.google.com — nicely solving this problem. Typing just “gmail.com” in the address bar first redirects to “http://mail.google.com/mail” (because of Google) and then redirects from there to “https://mail.google.com/mail” (because of GMailSecure).

Actually, no. When you Google for “John Schofield,” I’m WAY down on the list — not even on the first page. (Some Civil War General gets all the link love.) So now I’m John Mark Schofield, which gets a LOT more Google juice. (At this time, I’m #1 on the results.)

Yep. I just removed myself from all the groups except for vboxusers. Brilliant! I absolutely hate when I do stupid shit like that. It’s not like this was hard to fix – I just didn’t remember of the top of my head what groups I was supposed to belong to. Of course since I was no longer part of the sudo and admin groups I could no longer sudo. Luckily enough, back in the day I decided to enable the root password. So I was able to su to become root, and then usermod myself to admin, and bunch of other groups I needed like audio, video, tty, lp and etc… I wonder what would happen if I did this on a default Ubuntu box without root account. I wonder if I would be able to recover from this that easily.

The short answer is “Yes, you would.” Single User Mode is your friend.

At bootup, hit ESC to get into the Grub menu, and select recovery mode. If you haven’t entered a root password, recovery mode will dump you to the console as root. If you HAVE defined a root password, recovery mode will dump to a login prompt, where you’ll have to enter the password.