The year’s first random 10

Haven’t done this in a while, so without further ado…

I am taking a different tack from the usual rules this time: This list consists of 10 tracks [*] I’ve listened to in the last 30 days and rated 4 stars or better. This week’s list is formatted as song title, artist, and album (in italics):

Good Luck Charm, Vigilantes of Love, Audible Sigh
The Mountain, Steve Earle and the Bluegrass Dukes (live recording), Just an American Boy
Prison Grove, Warren Zevon, The Wind
In the Name of Us, Honey; Shannon McNally, Geronimo
Home to Houston, Steve Earle and the Dukes, The Revolution Starts … Now
Tributo al Niño Rivera, Juan De Marcos’ Afro-Cuban All Stars, Distinto Diferente
The Girl with No Name, The Byrds, The Byrds (Box Set)
Am I Too Blue, Lucinda Williams, Lucinda Williams
The End, Alejandro Escovedo, With These Hands
Don’t Need You, Cowboy Junkies, Por Vida: A Salute to the Songs of Alejandro Escovedo

A lot of this stuff came from eMusic.com, which has become my favorite source of new music these days. [Full disclosure: If you click the link in the previous sentence and open a trial account, you get 50 free MP3s and I get a few bucks. This is one of a very small number of affiliate programs I belong to, and I highly recommend this company.]

[*It used to be 20.]

The generic web

Two years ago I noticed that Wired News was one of a handful of publishers starting to treat Internet-related terms as common nouns, not capitalized proper nouns. At the time, I wrote: “I suspect that the editors of Wired News are a few years ahead of their time, if not a few decades.”

I shoulda left off that last clause. It’s a couple years later, and I’m seeing more and more influential outlets beginning to lowercase the word web, for instance. This should be a source of never-ending fun for me over the next few months, as I work on a pair of new books: one for Microsoft Press, which capitalizes the Web, and Que, which doesn’t.

Me, I’m going to start using the lower-case when talking about the web. I’m not ready to make Internet generic, though.

Firefox auto-update works!

Last April, I complained about the unacceptably weak update mechanism for Firefox. In fact, just a few weeks ago I sat down at Judy’s computer and realized that she was running an old version of Firefox and hadn’t been prompted to upgrade.

I was pleasantly surprised to see this dialog box pop up a few minutes ago:

The Mozilla Firefox 1.5.0.1 Release Notes have all the details, but suffice it to say this is a critical update that fixes several serious security issues.

Anyway, kudos to the Mozilla folks for getting this feature working right in Firefox 1.5.

Internet Explorer 7 Beta 2 Preview is out

Microsoft just released a public beta of Internet Explorer 7 for Windows XP SP2. It’s a preview of Beta 2, not Beta 2 itself.

If you’re comfortable with beta software, it’s worth the download. Even if you use another browser, this one’s worth trying out.

I’ll have a lot more to say about this build of IE7 (and its Windows Vista counterpart) later this week. Stay tuned.

EV-DO, Edge, HSDPA, or what?

It appears that I’ll be spending more time on the road this year than I have in the past couple years. That means I need to start thinking about how to stay productive (or at least amused) in airports, hotel rooms, and other normally non-productive, non-amusing places.

My local airport in Albuquerque has free Wi-Fi, bless their hearts. Denver, where I’m likely to sit around a lot while waiting for connections, doesn’t. Neither does Sea-Tac, if I recall correctly.

The prospect of giving T-Mobile or Cingular $9.99 for a day pass that will really only be good for an hour or so is pretty unpalatable, especially when I’m not being reimbursed by a deep-pocketed employer. On top of that, the $10-15 charge that most hotels levy for high-speed Internet access is pretty sucky too. With one long layover and a Net-unfriendly hotel , I could end up spending $25 a day.

So I’m thinking of signing up for a high-speed data plan from a wireless company. I already have a Cingular account, so their HSDPA-based BroadbandConnect sounds promising, but it also sounds like it’s still half-baked. I’d wind up using the slower Edge network for most of 2006, I suspect. But it should work just about everywhere I’m likely to go.

Or I could choose EV-DO from Verizon or Sprint. Unfortunately, neither one appears to offer service in my corner of the world yet.

Or I could save the $60 a month, wait a while, and learn how to work offline.

What would you do?

Bloglines doing better?

NewsGator has had some hiccups today (acknowledged on their forum), so I fired up Bloglines for the first time in a few months. It seems to be faster than I remember from last year. Guess the long-awaited datacenter move is complete.

More than 400 people subscribe to this site in Bloglines. Are you happy with the service lately?

I’m back

Thanks to everyone who sent messages of condolence and support last week. My family and I were overwhelmed with the outpouring of support.

I’m looking forward to getting back to a normal routine this week! Expect some new posts and some very exciting announcements shortly.

Away this week

My father passed away this afternoon, unexpectedly.

I’ll be traveling this week to be with my mother and the rest of my family and won’t be posting any updates.

Google this!

Every American should be distressed about the Justice Department’s subpoenas demanding records from Google and other search engines.

Want to fight back? Here are a few Google searches I plan to run every day until this issue is resolved:

Bill of Rights
Fourth Amendment
unreasonable search and seizure
due process of law

I think it would be helpful for Attorney General Gonzales to know that Americans are interested in learning more about these concepts. Don’t you?

(inspired by Bob Harris)

A sleazy QuickTime trick

In a perfect world, we’d be able to choose one media player for everything. In the real world, we need two or three media players to handle the mix of incompatible and proprietary formats available on the Web. So, although I don’t use QuickTime often, I keep a copy installed so that I can see video clips on sites that offer only Apple formats.

If you use QuickTime on Windows or a Mac and you haven’t updated it since January 10, you’re at serious risk. But be careful when you go looking for that security update or you may get more than you bargained for.

On January 10, Apple released a critical update for QuickTime designed to fix five separate vulnerabilities, any of which can result in “arbitrary code execution” if you simply view a specially crafted image file (QTIF, GIF, TIFF, or TGA) or a similarly doctored media file. The vulnerability exists on Windows XP, Windows 2000, and Mac OS X. Sounds at least as serious as the WMF exploit that Microsoft was pilloried for, and indeed it is. (It took 71 days for Apple to come up with the patch after this vulnerability was reported, by the way, but that’s a topic for another day.)

Being a security-conscious sort, I checked my version of the QuickTime Player and determined that it was hopelessly out of date. I had version 6.5.1 installed; these vulnerabilities are fixed in version 7.0.4. I tried the Update Software option from the QuickTime Player menu, but when it finished its quick download and installation I was only at version 6.5.2, and it told me I was completely up to date. So I headed over to Apple’s QuickTime site and was greeted with this page:

I’ve circled the two areas of interest on this page. See that big blue Free Download Now button? That’s what most people will click. I almost did, until I noticed the wording at the top of the page: “QuickTime 7 with iTunes 6.” I don’t want iTunes! But I need that security update. Maybe I should read the security bulletin again. Oh, dear. Right there at the bottom, it has the bad news:

APPLE-SA-2006-01-10 QuickTime 7.0.4:

For Mac OS X v10.3.9 or later
The download file is named: “QuickTimeInstallerX.dmg”
Its SHA-1 digest is: a605fc27d85b4c6b59ebbbc84ef553b37aa8fbca

For Windows 2000/XP
The download file is named: “iTunesSetup.exe”
Its SHA-1 digest is: 1f7d1942fec2c3c205079916dc47b254e508de4e

Well, that’s odd. If I own a Mac, I can just get the QuickTime installer, but because I use Windows I have to install iTunes? Doesn’t seem right.

Hey, what’s that tiny link at the bottom of the QuickTime downloads page? The one that reads QuickTime Standalone Installer? Clicking that link ~~from Internet Explorer installs the QuickTime ActiveX control. Clicking it from Firefox~~ downloads a file called … QuickTimeInstaller.exe. No iTunes required. (Update: The QuickTime ActiveX control only loads in IE if it’s not already installed. The download link leads to the QuickTime installer, regardless of browser.)

This is a crappy way to do business, Apple. The security bulletin should reference the QuickTime installer, not just the iTunes setup file that happens to include the QuickTime Player. And if someone comes to your site looking for a critical security update, don’t push extra software on them.

Years ago, Real used to pull this same crap with their RealPlayer. When you visited the download page, you were steered into the trial version of Real’s subscription-based software, and it took a treasure map and a Sherpa to find the tiny link to the free player. It took a few thousand complaints, but Real finally wised up. Go to Real.com now and you’ll see two buttons of equal size: one offers a 14-day trial of its premium SuperPass product; the other is labeled Free Download. No magnifying glass required.

I never thought I’d say it, but Real is setting the standard when it comes to downloads. Apple, clean up your act.

Update: A visitor from Down Under comments that Real.com is up to its old tricks on sites outside the United States. After telling Real.com that I’m from Australia, I can see what he’s talking about. As a point of reference, here’s what the main U.S. page looks like: