Tablet PC looking for a good home

If anyone’s looking for a Tablet PC at a bargain price, ping me. I have a 2003-vintage Toshiba Portege 3500 that’s looking for a new home. It’s been upgraded to a full 1GB of RAM and has a 100GB hard drive. It’s running on a 1.3GHz Pentium 3.

It’s running Windows XP Tablet PC edition. Although you could probably install Vista on it with a lot of work, I don’t recommend it.

Anyone who knows this machine knows it’s a small and very light workhorse. I’ll negotiate a very fair price for the right person.

~~E-mail me (ed-blog AT bott DOT com) if you’re interested.~~

It’s gone.

Guess there will be a WGA “kill switch” after all

Back in June, I took a bunch of heat from Microsoft when I reported that the company was planning to roll out a Windows “kill switch” this fall.

Microsoft denied it.

Now, today, comes an announcement of the Software Protection Platform for Windows Vista, which sounds pretty damn close to what I wrote about in the first place.

If your copy of Windows Vista is “identified as counterfeit or non-genuine” you’ll be kicked into “reduced functionality mode”, which Microsoft describes as follows:

[T]he default Web browser will be started and the user will be presented with an option to purchase a new product key. There is no start menu, no desktop icons, and the desktop background is changed to black. The Web browser will fully function and Internet connectivity will not be blocked. After one hour, the system will log the user out without warning. [emphasis added]

Sounds like a kill switch to me. Go read the article and tell me what you think.

Technorati tags: windows, piracy, kill switch, WGA

Clowns

A few days ago, a presentation at the previously obscure Toorcon security conference features a pair of self-styled hackers who claimed they had discovered a zero-day exploit in Firefox. On a scale of 1 to 10, this is about a 13, especially with the added detail that devising a patch might be difficult or even impossible.

I chose not to write about it here or at ZDNet, because something just didn’t feel right about this story.

Now, it turns out, one of the two presenters admits they were just clowning around:

[Mischa] Spiegelmock, a developer at Six Apart, a blog software company in San Francisco, now says the ToorCon talk was meant “to be humorous” and insists the code presented at the conference cannot result in code execution.

If these two really were just clowns, it wouldn’t be a big deal. But one of the two works for Six Apart, which runs the TypePad and LiveJournal blogging services and sells the Movable Type blogging platform. Having a heavyweight name on his business card probably has at least something to do with why these guys were selected to speak, and why the security community took them seriously. Pulling a fire alarm isn’t funny, and it no doubt sent a lot of security professionals scrambling to perform work that wasn’t necessary. They have every right to be pissed off.

eWeek’s Ryan Naraine and Brian Krebs of the Washington Post are both excellent reporters. I hope the folks at Six Apart turn over every rock to find the real story. If Naraine and Krebs are reporting accurately, someone needs to be fired – or sent to work night shifts on the Clueless Newbies support desk.

Technorati tags: firefox, security, zero-day exploits

Tip of the day: Zoom this web page

Several people have commented that this site is harder to read now, because of the change in typeface and the white background. One solution is to zoom the page and make everything a little easier to read.

In Internet Explorer or Firefox, select the window or browser tab containing the page you want to zoom, hold down the Ctrl key, and move the mouse wheel – forward to make the page larger, back to make it smaller, If you don’t have a mouse wheel, you can click the Change Zoom Level button in the lower right corner of the IE7 window and select a percentage. Or, in either IE or Firefox, press Ctrl+[plus sign] or Ctrl+[hyphen] to zoom in or out.

To return the zoom level to normal size, press Ctrl+0 (that’s a zero). Update: As Alex Danvy points out in the comments, you can’t use the 0 on the numeric keypad for this; you have to use the zero on the row of numbers above the QWERTY row. Or you can use Ctrl+[asterisk], but only if you use the asterisk on the numeric keypad, not the one above the number 8 on the number row of the keyboard. Thanks. Alex!

Zooming affects only the current page, isn’t persistent, and can be undone any time. Some pages look very strange when zoomed, but those built using a decent style sheet should look just fine zoomed a few clicks in either direction.

Technorati tags: windows, tips, internet explorer, firefox, zoom, fonts

Comment spam overload

The last time I mentioned Spam Karma 2 was on April 4, 2006. In the previous six months, it had successfully deflected 19,003 attempts to post comment spam to this site.

Today, almost exactly six months later, I checked the SK2 stats again. This time, the numbers were more sobering.

That’s not a typo. If the pace of the last six months continue, this site will have been subjected to more than 1 million attempts to post comment spam before the year is over. On average, I get a few hundred comment spam attempts every day, compared to a handful of legitimate comments. (For an explanation of why people do this, see this Wikipedia article.)

Ugh. I’ve decided, in the interest of sanity, to close comments on all posts more than 60 days old. I may consider re-opening some older posts if they seem to be alive, but this should make a big dent in the problem and make my web hosting company much happier.

… OK, comments for most older posts are open again, thanks to a new plugin that should stop most stupid spambots. Let me know if you try to comment and are unable to do so (send a message to ed-blog AT bott DOT com).

… And after just a few days with the new regimen, the difference is profound. Spambots are now being blocked before they have a chance to post, thanks to an awesome plugin called Comments Post Rewriter, which uses a clever little bit of JavaScript to redirect the Submit button to a special URL and block any post that tries to access the comment submit script directly. Spam Karma now deals with the small number that sneak past, which is about two orders of magnitude smaller than before.

Oh, and sorry for you folks with live.com in your URL. For a day or two the filters were blacklisting that domain incorrectly. Should be fixed now.

Technorati tags: blogs, comment spam

Processors, cores, and licenses

A handy Microsoft page explains the ins and outs of Multicore Processor Licensing. Short version: Windows is licensed on a per-processor basis, not a per-core basis. So, despite the fact that the operating system treats individual cores as if they were separate virtual CPUs, the license agreement does not:

The customer will incur the cost for one software license per processor, not per core. So if a customer replaces the single-core processor on their system with a multicore processor, they will need to have only one license per processor.

[…]

Microsoft Windows XP Professional and Microsoft Windows XP Home are … licensed per installation and not per processor. Windows XP Professional can support up to two processors regardless of the number of cores on the processor. Microsoft Windows XP Home supports one processor.

This also means that quad-core processors (due to hit shelves in November) will not cause any licensing problems. Nor, in fact, should the 80-core processors Intel says it will have within five years.

(Via Raymond Chen)

… And I almost forgot this article on Windows Vista’s support for 64-bit and dual-core CPUs.

Technorati tags: windows, cpu, intel, dual core, licensing

Pink for October

I just redesigned this site, so I’m not going to turn it pink for October. But it’s a terribly worthy cause, and Matthew Oliphant’s site is worth visiting. I need both hands to count the number of friends and family members who’ve had to deal with breast cancer. It’s no picnic.

If you have a few spare dollars burning a hole in your pocket, consider giving them to a worthy local or national organization that works with cancer patients.

Updated design

I decided to update the template for this site while I was at it. I think it’s more readable than before. Comments?

Site maintenance

I’m upgrading to WordPress 2.0 this afternoon. It may cause some brief problems with site navigation. Hopefully all should be cleared up quickly. Let me know (e-mail to ed-blog AT bott DOT com) if you see anything out of the ordinary.

Just testing image insert capabilities. You can subscribe to this site’s RSS feed here:

Update: All done.

Confetti

This is what the Fourth and Fifth Amendments to the United States Constitution look like now.

Nice to know that anyone, even a legal resident of the U.S. ~~citizen~~ living in the United States, can be declared an “illegal enemy combatant,” thrown in jail, held indefinitely, and allowed no rights of appeal.

Oh well. I guess 80% of the Bill of Rights is better than nothing. But I liked the original version much better.

… And guess what? Apparently 609 law professors share my nostalgia for the old Bill of Rights.

… More interesting reading, courtesy of Prof. Michael Froomkin of the University of Miami School of Law. Turns out Yale Law Prof. Bruce Ackerman thinks this bill will indeed apply to U.S. citizens.

And sorry if people think that this is somehow inappropriate for me to talk about. I don’t make a habit out of expressing my political beliefs here. But I truly believe this issue transcends political lines. Or, to put it in terms that might be more familiar to a modern audience, “You’re either with the Founding Fathers or you’re against them.”