Monday, December 29, 2008

Trust no one

And stop using Windows software.

Here is a very embarrassing case. Not sure how the virus got there in the first place, but this is quite a clever attack vector, as possibly millions of unsuspecting users are infected.
Of course this is not the first time such thing happens, so you'd expect them to learn by now.

Still, it's nothing compared to Sony's "benign" rootkit, though it's more funny.

Sunday, December 28, 2008


What do you think about this?
You can further read about this here.
Personally, I don't like this idea, and I don't think it has a future. On the other hand, I'm no UI expert.

BTW, I found this out while reading this question in StackOverflow.

Saturday, December 27, 2008

No audio when using Windows Media Player for streaming

Guess most of my readers would be familiar with this situation - every once in a while you are called to give tech support to your parent, because something isn't working with their computer.

Two weeks ago the graphics card in their computer, based on GeForce 6600, passed away to a better world, so I got them a new one. Ever since, every problem they have is immediately connected to the graphics card, no matter it has nothing to do with graphics.

The latest problem was quite a challenge - there was no audio when streaming (audio and video) from web sites. The problem didn't reproduce in different accounts, or when using VLC instead of Windows Media Player. Since nothing special was found in the Media Player settings, I had a feeling the answer would be in the registry. Here is the solution. Three things surprised me in this solution:
  1. How comes it affected only one account? The registry key is not user specific.
  2. What had changed? The value of this key was the original value which is the default. So this means there's another reason of this problem, but it's nowhere to be found.
  3. How did the guy that found the solution did that? Changing such an obscure registry key.
Well, the problem is solved now, and I convinced my parents it has nothing to do with the new graphics card. This is definitely the hardest type of tech-support, as you must be nice and must give full details. Also, you personally care about the users.

Friday, December 26, 2008

Windows Scheduling tip

In some occasions, one might need to schedule a script or an executable in Windows using the SYSTEM (Local System account) privileges. I've shown before a technique to create a new schedule task for opening a cmd with SYSTEM privileges. But this time I want to show something which is way more flexible, and would suit real world examples (and not just opening a cmd).

Review the following command:
schtasks /create /tn task_name /tr c:\script_path\script_name.cmd /sc daily /st 08:00:00 /ru "System"

What does it do? It creates a new scheduled task, called "task_name", which runs a script (full path is a must) and would run daily at 08:00AM with SYSTEM privileges. Slick, right?

I recommend reviewing the schtasks manual for further information.

Happy scheduling.

Why not every law is treated as such

I think it is a well known fact that people (especially in my country) choose which laws to obey. The other laws aren't mandatory, but only nice-to-obey. It can be seen when driving in our roads: Laws which involve life-saving, such as red-light, are always obeyed (even at 3:00AM), while no triple-parking in the middle of the day aren't.
Few hours ago I sat in a pub which I used to like, which like any other pub here, is considered a public place, and thus "no smoking" law applies. Breaking this law means that both the smoker and the owner of the pub would pay a fine. Probably since it's only money, and since no one would force this law, nobody cared. Most of the people around us smoked without interference. Actually, we were the minority of non-smokers.
I really hate the smell of smoke that sticks to your cloths and the fact it sometimes stings in the eyes, so now I like this place less than before (in case you wonder - Dublin pub in Herzlia). I guess I won't go there in the near future.

In a totally different topic - I happen to have a private flight lesson pre-paid which I have no intention to use. If any of my readers in Israel care to have a flight lesson (it is allowed to bring a spouse on board), I'm willing to sell it for half of it's original price. Leave a reply if you're interested, and we'll find a way to get in touch.

Monday, December 15, 2008

Change is not always welcome or needed

Reading Doron's post today reminded me it's a good time to write a closure to my experience as told here and here. Since I both agree and disagree with Doron, I'll write the closure with references to his post.

Being a Linux veteran teaches me it's really not important which modern Linux distro to use. I should be above that. I reached to exactly the same conclusion as Doron yesterday, after I gave up of trying Fedora 10. So I started downloading the latest Ubuntu 8.10 64bit (I prefer to upgrade offline, and I might use it on several machines) alternative CD. Using Ubuntu again reminds me that I actually like it. It's snappy, looks good (espacially with my modifications) and simply works.

Compiling Fedora's and openSUSE's kernels reminded me this is quite useless (or not needed) these days, although it can be done quite easily. Never saw any recommendation for not doing this, only warnings to do this for the right reasons.

So having the latest or Firefox beta (or anything else to make the system less stable) is no excuse to switch a distro, as the distro is merely a base for further modifications and customizations. Choosing the distro to start with is important, but once there, it is needless to switch from one to another.

Having said that, I still hold the opinion that I would not self-customize the Debian used in our production servers. The price of breaking the compatibility is simply too great. In this field, Linux is just like the other server software - you don't modify it frequently or without a good reason (otherwise, the QA folks would have to work lots of extras).

But in my own computer/workstation... welcome back Ubuntu. And thanks to Adir which told me that the upgrade to 8.10 went smoothly on his laptop, and that not only it performs snappier, but the system is more stable.

Tuesday, December 9, 2008

Tabbed command prompt in Windows

No matter which OS you use (that even goes to my short experience with OS X), if you're a developer/admin/professional you're gonna spent a lot of time with a command prompt. This means there might be quite a lot command prompt windows opened. This is the case with me, and I'm sure I'm not the only one.
Having said that, I'm quite used to gnome-termianl's and konsole's multi-tabbed command prompt interface, which is just as revolutionary as tabbed web-browser interface. Once used it, you'll never be able to go back.

For the past few months, most of my work is done on a Windows workstation, which I use to develop in multiple programming languages, research web-oriented security stuff and manage several Linux servers. Last week, while doing all of those at the same time, I got tired of the mess, and looked for a better way to manage my command prompts. Here is the result. Apparently this is not very new, so I was surprised I haven't heard about it before. Console 2.0 is a real bless, and is exactly what I was looking for, no more, no less.
Now, I have shortcuts for opening new tabs of several kinds:
  • Standard CMD.
  • Cygwin bash shell.
  • Visual Studio 2005 command prompt.
  • PowerShell (thought giving it a shot. For now I still think it sucks)
  • Pre-configued command line SSH connections (ssh -l username host) for several servers. This is way more handy than the other Putty wrappers.
Now the taskbar is less cluttered, and I have quick shortcuts to every type of command prompt I need. It really does improve productivity.

Monday, December 8, 2008

iPhone Linux

Check out this video. Can read further info here.
Wish there was something similar for S60 devices. I would totally install it on my E65.

Monday, December 1, 2008

Second impressions from openSUSE

As I wrote before, I decided it's a good time to give other Linux distros a shot. Since the laptop which I first installed openSUSE on died (damn WiFi freezes on the BIOS POST), and my g/f is currently using my workstation's Ubuntu installation, I decided it'll be best to start using openSUSE on VirtualBox, and if I like it, dedicate the physical partition.

Once again, the installation went without a hitch. All works fine right after the first boot, no special drivers required. As this is the latest VirtualBox (2.0.6), the version on the tools (or additions) for it didn't work as expected, so compiling from source is required.
First problem. After reading tons of forums, debugging and such - still nothing. Never mind.

While doing that, I noticed Alt+Tab worked only half of the time. First time I see such a thing, but a quick search on the net shows it's a known issue, and that upgrading to KDE 4.1 would do the trick. OK.

So now I'm upgrading the distro (zypper dist-upgrade or via YaST). On the laptop, I remember this used to hang every once in a while, until I press "retry". It seems this happens in the VM as well. Guess I have to change the default mirrors or something. But I just lost the will to do so.

At least YaST left a very good impression.

Fedora's torrent is now downloading, so it'll be my next "experiment". I'm really looking forward to try it.

Thursday, November 27, 2008

Professional blogging in a rush

Hippee, another blog post for my work place. This time, it was written rather quickly (less than two hours), as we had to rush this out before someone else would find it out, and do the same.

This stuff happens all the time, but CBS is a big fish. It's quite sad seeing what the Internet has become.

Tuesday, November 25, 2008

Two short topics

Topic 1
Have a look at this new browser. Still not sure whether I should call this innovation or blasphemy. Perhaps it'll be good for web site developers running Windows. One thing is for sure: More browser engines, more vulnerabilities.

Topic 2
Remember me getting pissed off at Windows automatic update mechanism? Well, it gets worse. Did you know it might auto-reboot the PC? Even if the PC did something important at that time. After the successful reboot, Windows pops-up a balloon saying the patches were successfully installed and the machine was rebooted. Gee, thanks.

Saturday, November 22, 2008

My [Split-]Personal[-ity] Internet

Up until now I was avoiding from writing more than one post a day. Although I have some topics I want to write about prepared, I prefer to stay focused.

So while still avoiding the periodically annoying pop-ups, I was reading Yevgeny's latest post. The first thing I thought is that I'm glad something I wrote inspired such an excellent post by Yevgeny. But by the end of the post I had some more serious thoughts about that topic. So serious, I couldn't write them in a short comment.

While Google remembers what one is searching, and offering more relevant results in future searches, such a feature is problematic as well, and I'm not talking about privacy.
While I'm at home, my Google searches are typically around topics which interest me in my leisure time, such as gaming, Linux, funny stuff, etc. While at my work, my Google searches are focused around stuff which is relevant for work, such as security flaws, vulnerabilities, exploits, hacking, etc. While having one Google profile for my personal life and one for my work does the trick of not mixing the results (some topics collide with each other), this is very not comfortable, since I want to access my private GMail inbox, without logging out and then back in with a different account. And vice versa.

So my profile actually has a split personality which I rather avoid. I've seen Nokia's solution for this problem with their latest E66 smartphone, where they set up two different "desktops", which can be easily swapped, one for work and one for home. Although different "desktops", the phonebook and the rest of the personal info remains intact, and is always accessible. Having the same ability with my online identity (Google, LinkedIn, Blogger, etc.), would make the Internet much more "mine" than it currently does.

Can't you just stay put?

Every now and than I'm thinking about how could the software I use become more usable. I'm no expert in this field, but I can tell an unusable interface when I see one.

These days, it is very common for a piece of software to offer an automatic update/upgrade when such is available. If you're using a modern Linux distro (ever since 2002?), you're used to the fact a central tool upgrades all of the packages that requires it, across the entire OS and the applications installed on it. Although there isn't a perfect solution for this on Windows, applications for that OS had come a long way. Most notably, games,, Firefox, Notepad++ and so on, all offer an automatic upgrade. Even software I write and support these days offer the same functionality.

Having said that, there are different ways to offer and install such updates. In this area, MS has something to learn from the other guys, especially their open source counter parts. My workstation at my work place is running XP with automatic updates (cannot afford myself a catastrophe, especially since I'm dealing with malware all day long). This means that about every week some updates are installed. After the update process completes, I get an annoying pop-up asking whether I want to restart now or later. Such pop-ups are the worst thing that could happen, since they grab the input from whatever you were doing. Moreover, choosing the option to restart later, doesn't make the damn thing go away, but only makes it pop-up some time later, asking the same question. Why? Didn't I just say I'll restart later?

Not only I think updates shouldn't require a full system reboot (unless the kernel is upgraded, but this is not the case 99% of the time), I also think a small balloon saying "Updates were installed, click here for info/reboot" would suffice. The user's productivity is far more important than a KillBit update for some ActiveX, especially when in both cases the user is informed of the situation, but in the later, the user isn't annoyed ever hour or so.

EDIT: ironically, this happened even now, while writing this post.

Friday, November 21, 2008

Google feature, is it just me?

Today I was looking for some stuff using Google. The results page looked a bit different, as you can see in the picture. I wonder if it's just me being part of an experiment, or some new Google feature.

Sunday, November 16, 2008

first impressions from openSUSE

My journey with Linux begins quite a long time ago, when most people used Slackware. So did I. Until today, Slack remained my personal favorite, although I stopped using it completely about 4 years ago. Ever since my first steps, I've been using (sometimes in parallel) Red Hat, Mandrake 8.2, Debian, Oracle's UBL, Cent OS 3-5 and had some short experience with Arch and Gentoo. But more than anything else, I mainly use [K]Ubuntu (5.10-8.04).

The main reason for the switch was my work and study (and life) consumed the time I used to spend maintaining my distro, and I wanted something modern which works out of the box (and the fact some people laughed at me, because I was old fashioned and didn't have dependency management).
Unlike others, I'm quite pleased with Ubuntu. Even 64bit. It just works.

But all of a sudden, I became bored with my computer, so I decided to replace the brown/blue with green. Well, where can I find a green distro? Oh, right - openSUSE.

Didn't want to mess too much with my computer, especially since it was transformed into a gaming station (thus, runs Windows), I decided the laptop would do just fine. It's a HP nc6220, so the spec is high and it comes feature loaded. Downloaded openSUSE 11 with KDE 4 for 32 bit, put the CD in the drive, and reboot.
The live CD looks really good, and makes you want to install it. The installer is great, although I did have some problem with the partitioner which crashed the first time, and wasn't as simple as other partitioners I used.
After the installation, everything just worked, including WiFi, which is a good start (no network = inability to find problem's solutions on the internet).
Some quirks include the fact the language indicator didn't show hebrew by default (although Israel's timezone was selected, which implies I live in Israel), and the update manager noticed I need to upgrade some packages, but crashed while doing so (currently, "zypper up" is running in the background - good thing I'm not afraid of the command line).

This is definitely not the first time I use KDE 4, but it is the first time I enjoy it. The openSUSE guys made it beautiful (not black) and useable. Once the upgrade is finished, I'll try to run IM (kopete?) and other applications, and see if they're any better than previous versions.

Oh, one more thing - I noticed many applications are from KDE 3, and firefox is missing some plugins (hadn't checked for codecs yet). This is the thing that disappointed my most, as I'm used this things just work, especially in a desktop distribution. Once I finish those installations, I'll write again with my impressions.

Thursday, November 13, 2008

Oracle and Security

Since I used to be an Oracle DBA (still hold the title, just not the job), and since I work in the security field now, I find this article quite interesting.

I have to mention I have never met a single DBA which manages over 500 DBs on his own. That number doesn't sound rational at all, but hey, if one of you reading this blog actually do that, please leave a note, as I'd love to hear how it is.

Now I wonder, what future features does Oracle plan for its latest hardware platform. Does built-in filesystem encryption sounds too far-fetched?

Friday, November 7, 2008


At his weekend newspaper column today, Yair Lapid complaint about Pelephone's service, and their incompetence when it comes to closing lines which are no longer wanted. In Lapid's case, Pelephone kept charging his late (since June) father for calls made from abroad, and refused to admit the mistake.

This reminded me the time I wanted to close my Pelephone line few months ago. After closing phone lines at the competitor providers, I thought it'll be just as easy. Mistaken I was, this took me over a month of sending letters, faxes, making phone calls, etc. In the mean while, Pelephone kept charging me for service I did not want, nor use.

The HUTZPA of Israeli telecom providers was revealed to me this week once again. Last Friday I was holding a conversation with Bezeq regarding upgrading my (lame) internet connection (ADSL) speed. The conversation concluded in me adding 5 NIS, and they'll upgrade my connection to a more reasonable speed. After finishing that conversation, I hurried calling my ISP, to upgrade the speed (and price) of my service.

Since I have bad experience with such things, I went through every known procedure in order to check my internet connection speed. All tests concluded - I'm still having the old (and slow) connection speed. After 1 hour call to my ISP, I was assured they fulfilled their part of the deal, and that the problem relies at Bezeq. Calling Bezeq, I heard the sorriest excuse ever: "You're still connected using the old speed, no upgrade was ever made. Come to think about it, it's impossible we've ever offered you such a deal" (!?!). Took quite some time to make them check their phone logs and see for themselves that they did talked to me over the phone, and did offer a deal. Yelling at them that I've already upgraded my ISP service, lead nowhere. They say they cannot, and will not, give me the speed we agreed on for the price we agreed on. Now they offer a different price, over 3 times as much, with limiting conditions (only for first 6 months, etc.).

What am I supposed to do now? Call my ISP and cancel the higher speed service? Will they give me my money back for not being able to use the service I was paying for?

Telling Bezeq I want to disconnect from my service, in order to move to the competitors, they told me my engagement to the service ends at January, and breaking it would cost me 110 NIS. WTF? Keeping the service for this time would cost me less. One more reason to leave them ASAP. January that is. Hope the competition is any better.

Tuesday, November 4, 2008

Professional blogging

Today I've published my first blog post in my new work place. Hip Hip Hooray. Previous posts in that blog are quite interesting, and are a recommended reading.

While creating that post, I've learned a few lessons about professional blogging, which means blogging which also has a marketing agenda. This post went through 4 other people which perfected it to the result you see. Every word counts, every thing or ability which is exposed is considered carefully and the entire "story" told is kept clear and simple. There's a dedicated person who's job is to turn my English to the one you read in that post (and other company documents).

Needless to say it's quite different from my ordinary blogging, which now is a bit influenced by that, but previously was constructed from idea->write->spellcheck->publish. Also, having a team blog insures there will be a bigger range of topics, and the blog will be updated more regularly.

Finally, for my concerned readers, I'm not going to stop this blog. I love and I'm gonna keep writing about various technological topics, as always. So see you later, and have fun reading.

Friday, October 24, 2008


No post for quite a while. This time the excuses are work, study and a trip to London.
You want proof for the last one? Take a look here.

Some insights I have about this city:
  • Best public transportation in the world.
  • Great beer.
  • Great tea.
  • Sometimes the lines to buy a ticket for a show/play/etc. are big. Go and buy the ticket in the small stands spread around the city.
  • Get some Thai food in Thai Square.
  • Don't be cheap about the hotel.
  • More museums that you'll have care to see (the Tea&Coffee Museum is closed though).
  • Visit Trocadero - a huge arcade games place.
  • Visit Hamley's - a giant toy store.
  • The London Eye does look best at sunset.
  • Prepare to walk a lot.
  • No public access Wi-Fi. :(
  • Palaces are boring. Visit a football stadium.
  • Finally (only people who actually been in London would laugh at this): Mind the gap!
Of course the list could go on and on...

Stay tuned for the next post, which would probably be technological.

Sunday, September 28, 2008

Build Numbers

Having an automatic versioning for your project is quite useful. Every time you build it, you get a new build number, so you can distinguish between the builds, and make sure your users are always using the latest version (without comparing the exe files).

Today I wanted to make that trick work automatically in C#. That means I have a C# application, which I want to have automatic "Assembly Version". How can this be done in Visual Studio (need to try for mono as well)? Simply. Edit the AssemblyInfo.cs file, and delete the AssemblyFileVersion section. Also, change the AssemblyVersion to something like:

[assembly: AssemblyVersion("1.0.*")]

The * represents the "degree of freedom" for build numbers. That means that the sub-versions after the * (in this case, the third and the fourth numbers) would be automatically incremented by Visual Studio. Actually, it is a number which represents time since January 2000.

Now, all we have to do is to print this value from our code, which usually would be in the "About" dialog. The snippet that gets the version is:

System.Version v = System.Reflection.Assembly.GetExecutingAssembly().GetName().Version;

Conversion to string can be done with ToString(). That's it.

And in another (related) topic: I became addicted to stackoverflow. I find myself looking for questions which I can answer. Already earned two bronze medals and 76 reputation points.

Friday, September 19, 2008

Migrating from MySQL to SQLite

Last week I had a meeting with my university project's client (and mentor). During that meeting it was clarified that the resulting product should be easily installable. Since the code is written in Python and our DB of choice was MySQL, this could pose a problem. This means deploying the project would require installing MySQL, Python, the MySQL Python library, configuring the DB (creating users, importing data) and so on. Since such administration is beyond the scope of the project, and I don't expect my users to be DBAs, I started looking for alternatives.

The most obvious solution is to use some embedded DB which doesn't require any server software. This is where most people (I think) would choose MS Access. My intention is to be as portable as possible, and I don't like Access a bit, so I though about migrating to SQLite. I wasn't aware to the fact SQLite is quite a complete DB solution for such cases as my project. So I made the choice.

The next step was to migrate the schemas and data from the already running MySQL DB. My first Google search raised only complicated solutions, or costly solutions. Just before giving up, I started looking for some Windows GUI for SQLite, to allow me to insert the data manually. This is when I came across the freeware (not opensource) SQLite2008 Pro. Without the intention, I found myself with a nice tool which allowed my importing my existing MySQL schema information, and data, into SQLite. Even more surprising, the tool converted more complicated data types, such as auto_increment columns (autoincrement in SQLite).

Finally, some code modification was required. Luckily, I'm quite experienced with designing software that relies on databases, so I had a separate Python module which encapsulates DB specific logic. Importing the pysqlite2 library and adding two lines of code was all that needed to convert the entire application (over 2000 Python lines of code, mostly relying on DB) from MySQL to SQLite. Now the deployment of the project was stripped down to: install Python, install Python sqlite library. Cool.

Monday, September 15, 2008

Having the right tool for the job

As I wrote before, in the past several weeks I've been looking for a job. Since I have quite a lot of experience (at least I'd like to believe so) in several IT fields (SysAdmin, DBA, developer, management and so on), I decided it'll be nice to add something extra to my resume, and find a job which involves stuff which previously were my hobbies (developing was and still a hobby). This lead me to find a job in the security field. In my new job I'm responsible of both research (which is very important for me) and development of complamentry tools.

I guess that the research part would influence my blog in the future, since finding new and exciting stuff is a good reason to blog. This is why now I'll concentrate on the development part.
Developing software in my group is quite a versatile task. This is due to the fact that every tool developed, has to be very oriented to it's purpose, and most tools won't be used outside my group (though some tools does). The meaning of all this is that I get to choose how to develop each solution. If Python's quick modeling ability is required - Python it is. If it's Perl's regular expression power - Perl it is. Heavy lifting? - .NET or Java would do.

Just as the research part of my job involves me using the right security tools (sandboxes, forensic tools, decompilers etc.), so does the development part. This lead me to look for a good place for resources and Q&A, so I could complete my programming tasks faster. As I wrote before about stackoverflow, this is the right tool for the job. It think it'll grow very rapidly, and would be a great place for a great community to develop.

Last, what facinated me most, is the fact I didn't have to register to stackoverflow. I'm already registered via the same account from which I blog right now. That's right - stackoverflow uses OpenID, so I feel safer and there's one password less to remember. Great work.

Saturday, September 6, 2008

DNS query in Perl

As mentioned before, I'm doing a project which involves email spam research. Part of the project requires me to query DNS servers for their TXT and SPF records, since they contain valuable information regarding which servers from a specific domain are allowed to send mail.

When we (my partner and I) started coding the project, we decided Python would be our primary language, since we both know it, and it makes life easy. This was true, even on the difficult parts of using a database (MySQL), connecting to SMTP/IMAP/POP3 server, etc.

Last week I stumbled into a block, when querying a DNS server was required. Usually, I'd use the output of 'dig' or 'host', but I cannot be sure the project would run on a platform that has those tools. My second try was to use Python modules (pydns etc.) which should solve this problem, but they were all buggy/undocumented/not-working/too-complicated-to-use.

The annoying part is that I know how to do what I want in Perl:

use Net::DNS;
my $res = Net::DNS::Resolver->new;
my $answer = $res->search('', 'TXT');
print $answer->string;

And that's it. 4 lines of code. Still I hadn't found a decent Python-way to do this. So now I'm using Pydig to query DNS servers. Over 1200 lines of code. Pretty big hammer to solve a tiny problem.

If any of you know a better way to do this in Python, I'd love to hear about it.

Great music service

The first time I heard of Pandora, was few years ago, when it was still accessible to users outside the US. I used it for some time, and stopped using it when it stopped "choosing" music I like. The concept of listening to music on-line is something I like since it's a very convenient way to discover new music, or have your music wherever you are (assuming you have an internet-connected PC).

About a year ago, a friend told me about deezer. Ever since, I'm using it regularly. It works pretty well, has huge database of songs, sound quality is good and it has nice features. Every once in a while I find myself looking for some old songs that there's no way I'd find in other places, and then I sit back and listen to it... that's fun. You should all try it. Opening an account would allow you to store playlists and enjoy several more features.

A nice feature of deezer allows me to play to the song I was listening to when writing this post, so you could enjoy it as well:

Discover Extreme!

Wednesday, September 3, 2008

Bureaucracy vs. Technology

Sometimes I think I grumble to much in my blog, since there are more posts in which I say bad things about stuff that annoys me, that there are about pure technology or CS related stuff. Unfortunately, this one would be no different. But I'll try to connect it to technology as much as possible.

Today I went to buy a used (second hand) car. The person from whom I'm buying the car is a real nice person, who wishes to sell the car due to relocation to the US. After going through the standard procedures of checking that the car is alright mechanically and electronically, we agreed to meet this morning at the post office, for conveyance ("ownership transfer"). As this is not my first vehicle, I'm familiar with this procedure, and thought everything would be just fine, and I'll be driving home with my new car. So I thought.

At the post office, they check whether there are any limitations regarding selling the property, such as whether it is confiscated or stolen. Since I already checked it beforehand, I knew there shouldn't be any problem. After they ran the check in their computer, they told us "sorry, you cannot convey this vehicle, we don't know why". We asked what the problem is, but they kept repeating that sentence, without supplying any reason. We both thought it was weird, so we headed to the closest ministry of transport office.

At the ministry of transport office there were HUGE lines, unlike any other office in Israel, including banks, post offices, etc. Since we had no choice, we stood there. That took about an hour. As our turn finally arrived, we thought we're gonna find out what is this all about, and close the deal. Unfortunately, we got a new answer "The police have ordered to remove the car from the road, we don't know why". Again, they looped that answer several times, without further explanations. 

At this point, I returned back home, with my old car (luckily it's still going), while the selling person had to drive to the traffic-police station (somewhere not very close to the rest of the offices), in order to check what is wrong with the car, and why the hell did the police ordered to remove his car from the road, without him ever getting any ticket or ever being arrested even for a regular check. After two hours he called me and said that it all was a big mistake. The police wrote the ticket with the wrong number and ordered to stop the wrong car (they actually arrested a truck!). So now he has a letter to the MOT that says they we can complete the transaction in their office (and not the post office, which means HUGE lines again).

I've been dealing with technology for quite a while, and I was responsible for research and modeling of SOA (service oriented architecture) and connectivity between different systems. This made me think about several problems that arose from bureaucracy and could be easily solved with technology:
  • If there's already a network between the police to the MOT, and between the MOT to the post office, why can't they pass a simple string saying what's the problem with the car? That would have saved us at least an hour.
  • Why can't the lines in the MOT be better organized, like in modern banks, medical centers and post offices?
  • If there is connectivity as described above, why can't the police update the record about the car, so we could go back to the post office? Why would we need a letter if we have
  • Why do they still trust the hand writing of police officers and volunteers, instead of equipping them with cameras, and using OCR software (the same which is being used for toll roads, such as road 6)? That could have saved us the entire day, and the day after.
If I owned a company, at which SOA and such other products were the line of business, I'd volunteer to implement these products at the MOT/police/post-office, so that every citizen could see it in action (everyone visits these places). I think it'll bring me a lot of customers, perhaps world-wide. As for the typo in the car number, this is plain stupidity: A tiny little check would have shown this number doesn't belong to a truck. Simple input validation that every programmer could've implemented.

Edit: Since everyone is talking about Google's chrome (the new browser), and since this is a technology blog, I can't stop myself from writing something about it. This post was written using chrome, and I must say it was quite fluent, although not that much of a difference from Firefox. I'll be using it for some more time, and try to stress it out.
Tip: If you close a tab by accident, simply click the (+) sign at the tab bar (is this how it is called?), and the newly opened page (assuming it's the home page built into the browser) would suggest you to open the recently closed tab.

Sunday, August 31, 2008

My Blog Day

There aren't many anniversaries I celebrate. When it's work-related, I think the only one I care to mention every year is SysAdmin Day. This year, I decided it'll be nice to mention the Blog Day.

The "celebration" instructions are pretty simple: tell your blog visitors about at least 5 blogs you read, so bloggers could get to know each other better. Following is the list I compiled. I'll try it'll be as novel as possible, as I guess most of my blog readers are already familiar with most of the stuff I read (since we have same interests and we are part of the same planet).

  • SysAdmin Tales. Been a sysadmin myself for quite a long time, I know most of the frustrations told about in this blog. Very recommended.
  • Paul Graham Essays. This one is recommended even if one doesn't plan to start a start-up company, as it contains many insights and things to think about when it comes to the software industry.
  • StackoverFlow. This blog was created by Joel Spolsky (joel on software) and Jeff Atwood (coding horror), as part of a common project they started: StackOverflow. I guess most people are familiar with these two blog's (Jeff is making a living from his blog), but stackoverflow adds even some more insights about the creation of computer software, building a commercial web site, starting a company etc. Although this is mainly a podcast, one doesn't have to listen to it, since there are transcripts available.
  • xkcd. Funny (if you're a mathematician or computer scientist). Period.
  • The last one is not a blog (although you can RSS it), but rather a share of Yevgeny's favorite blog posts (via his Google Reader). I think this is the best way to get to know new stuff: becoming a "subscriber" for stuff that somebody else has already filtered for you. Yevgeny is doing good job at this.

Most interestingly, this post made me go through my Google Reader reading list, and made me realize there are many blogs I hadn't been reading for quite a while. Perhaps I should clean it up a little.

Monday, August 25, 2008


Not very long ago I started looking for a job. The searching->finding->getting-interviewed loop, exhausts itself quickly. Since I'm not used to looking for jobs, and I wasn't sure in which particular field I want to work, I decided it'll be a good idea to mass-send my CV. Mass-sending means more than a dozen companies receives your CV in the same time, and then you expect a blitz of phone calls from them.

Among others, I sent my CV to Microsoft (their new R&D center), as I heard so many good things about working there. At this stage, no phone call was made by MS. Few days later, via an alternate route, my CV reached MS the second time. This route probably had higher priority, as I got a phone call the day after. This phone call lead to a series of very interesting (and difficult) interviews, which ended with a job offer. In the mean while (about after the first interview) I got this mail:
Thank you for sending us your CV.

While we are very impressed with your skills and qualifications, we regret to inform you that we don’t have a suitable position for you at the moment.

We will keep your resume on file for any opportunity that may come up in the future.

This mail was regarding the first time I sent them my CV.

So what we have? Me sending my CV to the same place twice. While the second time got me interviewed, the first one got me (a gentle) "we don't want you" letter. More important, these events happened in parallel. How does this makes sense? Different recruiters (small department so small chance)? Does getting your CV via different persons gets different attitude? Perhaps, but that doesn't sound good. So it must be some kind of schizophrenia...

Wednesday, August 13, 2008

Interesting bug solution

Every once in a while I get to thinking "hmmm... what shall I write in my blog? I don't have any muse right now, but I want to write about something". To my surprise, each time that happens, I accidentally find an interesting topic, which is derived from things I stumble upon while surfing the internet.

Last week I've been configuring my not-very-powerful laptop, so it'll be able to remotely connect both my Windows and my Ubuntu. The Ubuntu connection is done via freenx server, while the Windows connection is done through Terminal Services. Actually, I'm writing these lines from a TS session. Most of the time I'm quite happy with this setup. I have full access to my desktop, I can work concurrently with my girlfriend (which is using the desktop, and which I taught the magic ways of using Ubuntu), and I can sit wherever I want, as the data is being encrypted over SSH over my wireless network.

Not all went clear, and both freenx and Terminal Services has some major bugs. The freenx bugs were solved after a short google search, and after hitting the "connect" button enough times (so the Ubuntu realized I'm serious about my intentions to connect). Terminal Services gave me a much harder time. It appears that if you own a powerful nvidia or ATI graphics card, and you work with high-res, TS won't work. This can be solved with some tweaking of the Windows registry, and messing with kernel parameters (what the hell does this have to do with being able to use TS?).

Now, I have a new syndrom: every once in a while Windows decides this is a good time to reboot after a DCOM server crash occurs. This is quite annoying, and I haven't found a good solution for that, yet. In the mean while, I type quickly 'shutdown -a' to abort the annoying reboots, afterwards I restart the DCOM service and the TS service, and everything is back to normal. Awkward.

Me saying I don't have a good solution is only partially true, as I found this web page describing my problem. For some reason, it exists only in the google-cache (I don't know how much longer it'll be there), so I'll quote the solution part:
I have put Ubuntu on a second partition and that solved my problem for
now. I still can access my files from the first partition and it
doesn't reboot randomly.
Thanks for all your help!

Interesting! Installing Ubuntu solved the reboot issues. How come I didn't think about it.

Tuesday, August 5, 2008

Acquiring System privileges under Windows

At some occasions, while using a relatively recent version of Microsoft Windows (I'll refer XP and above, but 2000 might also work), it is required to acquire System privileges (aka LocalSystem). This might happen for malicious purposes, but also legitimate reasons exist, such as finding a bug in a service which runs under LocalSystem. At such occasions, one would like to get a terminal (cmd) that runs as LocalSystem.

Of course, one cannot login using LocalSystem, since it is not meant to be logged-in with. But this is not a reason to despair. Actually, opening a cmd under LocalSystem is quite easy:
open a cmd (using the currently logged-on user) and type:
at 00:00 /interactive "cmd"
This will create a new scheduled task, which will never run, and would open a new cmd using LocalSystem. Now, all you have to do is: Start->Run->tasks and run the newly created task (usually "At1"). The cmd window that just got opened allow you to run everything as if you were the System account.

Wednesday, July 30, 2008

Improving bubble sort

Most people believe that using Quick Sort or Merge Sort, would achieve the best sorting performance over a standard array. Even though this might be true in most (or at least some) cases, there are real world situations where a better solution can be applied.

Let's assume there's a big chance we are trying to sort an already sorted array, or almost-sorted array. What is an almost-sorted array? This is an array which is sorted beginning from some element which is not far from the first element.

Now, let's try to recall what bubble sort looks like:
for i = 1 to length(A)
  for j = length(A) downto i+1
   if A[j] < A[j-1] then
    swap A[j] with A[j-1]

This is a very simple implementation, but would cost O(n^2) even when we deal with an already sorted array. How could this be improved? Let's add a flag:
for i = 1 to length(A)
  swapped = false
  for j = length(A) downto i+1
   if A[j] < A[j-1] then
    swap A[j] with A[j-1]
    swapped = true
  if swapped = false then

As you can probably see, once there's a full iteration in which no elements were swapped, the algorithm finishes. For an already sorted array, performance are now O(n). For an almost-sorted array (beginning item c), performance are O(cn). Not bad...

Monday, July 7, 2008

Dar the mailman

In the past few days, I've been working really hard on my final project. As mentioned before, it has something to do with e-mail and spam. The project requires me (actually us, I have a partner) to act both as a mail sender, and as a mail receiver. This is have to support any modern mail server, and also work with every major web mail providers (where most spam is usually met).

For some years I've known how to telnet to a SMTP server, and use it to send mail (which should be accounted as spam). When it comes to authorized mail servers, this is a bit trickier, as log-in mechanisms are required. Most use SSL or TLS, over semi-standard ports. So, I managed to write a python script to use gmail's SMTP server, using my gmail account (TODO: publish code). This made me happy, because I thought to myself it's gonna be easy. Well, not quite.

As it seems, the other major providers (hotmail, yahoo) would allow you to make telnet connection to their SMTP servers, but the log-in would fail. After a little research I found out that yahoo wants money for SMTP, and hotmail would simply not allow it altogether. Not good.

My next attempt was trying to use the mail provider's APIs. Google offers GData, while yahoo offers some other API. Microsoft offers only undocumented HTTPMail (webdav?) protocol. Once again, only the Google solution worked. Yahoo wants you to register your application, and your domain (hadn't bought one yet for the project) in order for the API to work. As for hotmail, well...

So, where does this leave us? It seems our last option is the one I've been trying to avoid: writing a parser (Perl or Python) for the web pages of the popular web mail providers, and normal SMTP and POP3/IMAP for other mail servers. Very cumbersome, error prone, hard labor and a waste of time.

Friday, June 20, 2008

Standards are Standards

We all know what standards in the software industry are worth. Some people sit in a room (could be virtual, but most of the time it's a real room), and decide how something should behave. Then, each software company takes the standard spec (or RFC or whatever) and implements it, and then some.

Recently, in the hardware industry, there is a large debate, with accusations and flame-throwing about who should be part of the design of the next USB 3.0 standard. Intel claims that by developing the standard all alone, it actually has a chance to become a standard. Just like the previous USBs. This is my interpretation of things, and you should read about it yourself. We all know what monopolies in the computer industries can cause, if they're wrong, and the standard that's on the topic is closed (that is, only one company controls the spec) or badly designed.

Lets compare it with other industries: Last week we've purchased new curtains for our living room. The "technician" that came to deliver the curtains, said that the bar (or pole) that holds the curtains is too thin, and we need a thicker one. A thicker bar, means a different hooks, which would be able to hold it. We didn't want to replace the hooks, cause we didn't want to drill extra holes in the wall. But when the "technician" realized that this is what is bothering us, he said "what? you don't have to drill new holes, the new hooks uses exactly the same holes as the old ones". This means that the screws would be in exactly the same distance as they were before, and no drilling was required, even though the new bar seems a little bit heavier.

So, now we have new curtains, with new hooks, and I wonder, when and where did the "curtain hanging guild" sat to decide how should the hooks be designed, and how comes they all agreed on the standard. In our (software-) world, that would have never happened.

Same game, different name

Each time there's a soccer tournament, I feel the urge to kicks some virtual balls into virtual goals. Now it's the time of UEFA EURO 2008, so I decided it's time to try EA's FIFA 08 (I just can't seem to like PES over FIFA). FYI, the game sells for 99 NIS in Israel, I guess it has something to do with the fact they're having hard time selling that game, and that it cost them 0$ (or some other small amount of money) to produce.

Why would I say such a thing? Because it's actually FIFA 07, packed in a different box, carrying a different name. The rest of the game is exactly the same. Same graphics, same engine, same sounds, same everything. It's a brave move from EA to release such a game, especially when a competition such as PES exists.

From what I read, the Xbox and PlayStation versions, include a better graphics engine, and better physics. If I stumble upon a PS3 with FIFA 08, I'll give it a try. In the meanwhile, I'm so disappointed. Though I still prefer it over PES.

Friday, June 13, 2008

"Buying" users, for free. Genius

Most people been in the academy, knows the nice trick of major software companies: the "student edition" or "express edition" (sufficient for students requirements) is given for free or a small fee. Later, when the student will be looking for a job, he'll be looking the tools he already knowns. So, if for the entire degree the students uses Visual Studio Express and Office Student Edition, this is what will be written in the resume, and this what the student will be looking for.
This week, something similar (not exactly the same) happened in my university. The university opened "for free" email account for every student (still in pilot, but will eventually cover thousand of students) at Actually, this is live., but login is done through Now, since I was chosen to the pilot, I'm a happy owner of Windows Live Hotmail account. Not sure what am I supposed to do with it, but the university promised it'll work under Firefox and Safari under any OS, so no complaints here. The thing with this account is the fact that it is not limited to the period of time I'll be a student. It's for a life-time, only that after I'll finish my degree, the account would start display ads (which it currently doesn't). So, next year, I'll become a regular user, that sees ads and everything, which makes me a source of income to MS. So thanks to the university, MS could make more money. Just like giving Visual Studio for free, only easier. Come to think about it, only one word comes in mind: Genius.

Saturday, May 24, 2008

OpenDocument for University

Let me begin with good news, especially for myself: I'm done with university exams. Recently finished the last exams towards the M.SC, and now I feel the freedom back in my life. And since we talk about freedom, why not discuss free software?
Even though there are no more exams, there is this tiny little thing called "final project". As i might have mentioned before, it has something to do with email spam. Although it's quite late to start working on the project at this time of the academic year, I'm quite optimistic I'll manage to finish it on time. In the mean while, my partner and I are discussing with our project client (which is a Prof. in the department) about the contents of the project, in order to assemble a PDR which is agreed on everybody. Since we are good students for computer science, we'd picked the right tools for the job: OpenOffice writer and OpenOffice draw. This is not the first time we deliver documents in ODT format, but it is certainly the most comprehensive usage done. This perhaps won't sound as a big thing, but at our university, it is. I don't know much lecturers the would support these formats. Most still use MS Office, and might even force students to work with it as well. My intent is to base the entire project development with FLOSS, and become an evangelist in our department.
My original thought was way to advanced for our project mentor: we would do the entire research part of the project, and major parts of the development, and the community would assist us developing the rest of the project. This way, the final product would be far more polished and could be ready for real world use (as well as academia). I thought this could work, as I saw it worked for GNOME Do. But our mentor said he couldn't be sure we would do our part. I don't think he ever heard of Launchpad or Sourceforge for project management and tracking. Shame. Well, perhaps we cannot be too evangelist.
But we did make one small step for men.

8800GT TV Out solution

As you may already know, I recently bought a new PC. My new and cool PC is powered by Nvidia's Geforce 8800GT chipset based graphics card. When doing the market research about which graphics card to buy, I read comparisons, benchmarks and relied upon other people experience, thinking "Hey, I have a good experience with Nvidia, this looks like the best buy". Well, I learned that while all of this is important, it's even more important to look for known problems. Especially of other people using the same features you are planning to use.
A simple web search shows many people are having many problems connecting these cards to their TVs. The two problems I'm aware of
  • DVI-to-HDMI would pass audio signal, even though there is no audio output. This would prevent the TV from playing sound coming over other cables (such as RCA).
  • S-Video won't detect your TV, which forces you to use component or composite connections for CRTs. This sucks.
As for the later, I just found a solution. The easiest solution is to use Linux, and configure xorg.conf on your own (heard there's a wizard for configuring that, I should check that out). This would allow you to define your exact parameters for the connection: S-Video using PAL-B (Israel), and 1024x768 60Hz (written as 1024x768_60) should do the work.
If you insist using Windows, I can dispense some advice, assuming you use XP (don't have Vista, don't want to). The problem arises from the drivers (forceware) and Nvidia's control panel. It seems that the new control panel assumes you want your TV to be auto-detected, and if the auto-detection fails, you won't get any other option. Moreover, even if the control panel's wizard thinks it has detected your TV, but it actually fails, you are stuck. The most common phenomena is the TV screen flickers for a second or so with your desktop, and than returns to it's blue state. In the mean while, the driver is sure that everything works perfectly, so no further configuration is allowed. This is where most of the forum threads in the Internet says "replace the 8800GT with something else". And then I found this very helpful lead. Basically, it suggests to get back the classic Nvidia control panel, and try to configure stuff there, as the rest of his advice, it didn't help me. So i found this help site that explains how to do that. After changing the value of ContextUIPolicy to 3, I got the classic control panel. Now, I could use the wizard that says "My display is not in the list" and then turn on the "'Rigorous Display Detection". Finally, the TV connection wizard allowed me to use other settings then "Auto Detect", so I could choose "S-Video". After doing so, my TV came to life, and started to display my desktop as "Monitor 2". Some final tweaks were required, such as setting the region to "PAL/B" (otherwise, screen flicker would occur in Israel and western Europe) and setting the resolution, and that's it! Notice that the lead I found only managed to get B/W picture, while I managed to get full color.
Hope this guide saved someone from deep frustration, and happy TV watching everyone.

Saturday, April 26, 2008

I've failed the Turing Test

Finally, I can see the end of my M.Sc in computer science. Almost all exams are over, and only the final project is to be completed. My projects advances kinda slow lately, but I hope things would get better. The topic of my project is spam (as in email-spam) and mechanisms to fight it. It is partially research, and partially technical. In order to test different web-mail vendors' spam filtering mechanisms, I've created free accounts at GMail, Yahoo! and Hotmail. Each of these vendors use the CAPTCHA anti-bot mechanism, so their services cannot be easily exploited. I've seen many of these CAPTCHA images before, and answered them correctly without a problem. And then came Yahoo!. According to them, I'm probably not human, as I failed the Turing Test three times, before I eventually managed to guess what's in the image, and pass the registration process. They had, by far, the worst looking CAPTCHA images.
I have a test of my own for computer software. My test tells if some software is usable or not. I call it "My Mom's Test". The test is quite simple: my mom is trying to use some software, with less than 1 minute training (zero is better). If she succeeds - the software is usable for everybody. If she doesn't - that's trash, and I remove it from her PC. Skype, for example, passed that test. The same test applies for web sites. Some sites are easy for her to use, while other sites frustrates her. For example, Google's search page is easy. Yahoo!'s registration process would fail "My Mom's Test" over and over again, as she would call me a hundred times before we can together "break" it's anti-bot and anti-human defense mechanisms. Therefor, it's unusable for my mom, and probably many other normal people. Too bad for them, as the profit from free services (such as web mail) comes from advertisement, which would bring more money if my mom would use it (she clicks ads).

Thursday, April 24, 2008

The smell of something new

You know when buy something which comes wrapped, and you tear the wrappings off, there's a nice smell of something new. Well, I got to smell that two days ago. I bought a new PC. This is the spec:
  • E8400 CPU (Dual Core, 3GHz)
  • Asus motherboard, based on Intel's G35 chipset
  • 2 Gigs RAM (800 MHz)
  • Western Digital 320GB HD (SATA 2, 16MB cache)
  • Nidia 8800GT based graphics card
  • The rest of the stuff you put in a PC
  • 20" LCD
Now I can play The Witcher, NWN2 and other games using their maximum settings. That's fun.
Also, installed 64bit Ubuntu 8.04. The new Ubuntu really rocks. Solid, fast and cool.
It took me some time to decide where to buy the new PC (or PC parts). After a long survey, I bought it on KSP. The decision was rather difficult for me, as I personally built my previous 2 PCs. Today I saw this post regarding Ivory (important: read the comments and follow-ups), and I'm more than glad I didn't go there. How rude can someone be, especially when your job is to give service. When my work included service-giving, it never crossed my mind to act like that.

Back to the fun part. Now I have 2 PCs, a laptop and some other WiFi enabled devices, so it was time to setup up a WiFi router. Bought an Edimax router. The setup was very easy, including WPA2 encryption (actually the encryption is AES in WPA2). The firewall and NAT were a bit tricky, but 10 more minutes and all was up and running. Now I have gazillion devices that all require electric power in the same room, so it's time to buy a little power-plant.

Sunday, April 13, 2008


Today I had an exam in communication security (SSL, IP-Sec, Crypto Hash, etc.). The exams are the main reason I hadn't blogged in a while. But excuses aside.
One of the questions was about how a CA signs some certificate (attribute certificate), and includes the validation key of Alice (so Bob can be sure that Alice really signed the data in the certificate). Anyhow, the lecturer, who wrote the exam, had a mistake. He wrote A.s which means Alice's signature key (private), while he meant to write A.v which means Alice's validation key (public). So, when our lecturer found out about the mistake, he wrote to the board "Q2 s/A.s/A.v/". I don't know how many students appreciated the little joke during the exam (did I mention it was difficult?), but I'm sure it made me smile.

Thursday, March 13, 2008


Computer-people becomes proud very easily. Every time a big chunk of code works, we brag about it. If we make a piece of software work a little faster, we can't stop showing off. Not to mention how happy we are when we do something big such as a major upgrade.
For me seeing a review written in my native language, about an open-source project I've participated in, does the trick. Actually, I left that project as I currently haven't got the time to volunteer, but I'm still very much connected to it.

Thursday, February 28, 2008

Web 2.5

Few hours ago I had a conversation with a Sharepoint administrator I know about the new Google Sites service. He told me that their announcement was the talk-of-the-day, and couldn't go unnoticed. We talked about what threat could the new service be for MS Sharepoint or Office at all.
For those of you who are familiar with organization/enterprise oriented portals, the idea of Google Sites is not new: an individual, a team or an entire organization, can build up a site around an idea (a project, a shared point of interest, etc.) simply, quickly and without having to write a single line of HTML. Afterwards, they can add to this sites, lists of objects, such as documents, pictures, spreadsheets, calendars, task-lists, etc. This is done very easily, and with full integration to the user's desktop applications (MS office, OpenOffice, Web-based office, etc.).
Now for the exciting part. Google's product might not be better than the competition (yet) in the organization level. BUT, they are the first to bring such a polished, full-featured product, to the Internet. Now, everyone can create sites around ideas, projects, shared interests, etc. Using the same tools they are familiar with: Google Docs, Picasa, Youtube, RSS feeds and such.
I like to call this new level of services: Web 2.5. Why? Because in Web 2.0, the control over the content of the web, was passed to the individual. Now, the control over the content is passed to group of individuals – collaborating. Imagine how powerful it might be for a team of students, working on the same project, to collaborate using such tool, and share their results with the client (lecturer or a real client, doesn't matter). This is the evolution of Wikis.
Of course there are limitations: 10MB per file, integration with GoogleTalk yet to be made, workflows around documents aren't possible, and a lot more. But hey, we can call it Web 2.49 until then.

Wednesday, February 27, 2008

SysAdmins who write code

At work, under my team's responsibility, there's a dozen or more systems, which have few dozens development environments. This adds up to a large number of servers (with many virtual servers) which runs variety of enterprise software. Managing all this software, requires each sysadmin to be expert in our favorite language: Perl. Also, since all the servers are Windows, some cmd scripting knowledge is required. Rarely, for our internal development, other programming languages are used, such as C# or PL/SQL. Today i read, on the only Microsoft blog I read, that in Windows 2008, sysadmins who write code would have full power. This means that PowerShell will allow us to do what we already do very well, and enable us to do that for MS products (never wrote a Perl script to administer IIS).
According to my experience, this PowerShell technology exists for a year-and-a-half, and yet I haven't written a single PowerShell line of code. As for the MS products we administer (Windows, IIS, etc.), we just don't write complex (more than cmd) scripts for them. I only hear the Exchange guy crying about MS removing functionality from the Exchange administration GUI, and that now in order to do simple stuff, he has to use PowerShell. Brutal marketing that is.
Now don't get me wrong, I'm all in favor of finally being able to control the rest of our systems using scripts. It's just weird that the way to do this was to remove functionality from the GUI and to wake up that late (who knows when we will upgrade to Win2k8 with the new IIS, etc.). I'm all for .NET technologies (I use mono at home), but I don't see how I'm going to replace "du -h" (we use MKS/cygwin) with "get-childitem | measure-object -property length -sum" (taken from wikipedia), especially if one day I'll replace a Windows server with a Linux server, and all my scripts would mean nothing.

Wednesday, January 23, 2008

Hebrew 2.0

Many programmers, administrators, and even users, are wasting a considerable amount of time dealing with issues regarding localization of software. When it comes to Hebrew, this amount of time, doubles itself. For start, Hebrew’s direction (Right-To-Left) is something many software vendors forget in their first versions of a product (take blogger for example), so Hebrew is aligned in the wrong direction. And even when this issue is solved, still there are many quirks. Such quirks can be when mixing Hebrew with English (or other Left-To-Right languages) or mixing with numbers and parenthesis. Other issues involve saving files in the correct code-page, or displaying data in the correct code-page (how many times have you changed the browser’s encoding on misbehaving sites). Sometimes, file formats (such as text) might not include magic headers about the encoding, thus making the client software guess how data should be displayed. Moreover, since there are multiple ways to represent Hebrew (8859-8, 8859-8i, 1255, using UTF-8 etc.), it leads to some conflicts and bad implementations.
My suggestion is a new way to represent Hebrew, at least in the computer software world. It involves a new language, written Left-To-Right, using western characters, or some other characters that are already included in UTF-8 (could possibly be Hebrew characters, though that would be very confusing). I also have a name for this language: Simplified Hebrew. This is the place to mention: I’m not looking to replace the holy-language, I like Hebrew. The words would be the same words, with the same meaning, and the same sound. Only the written language would look differently. Think about it, how many issues could be solved. Adapting software for Hebrew speakers would be like adapting American (US) software, to British (UK). As simple as it gets. Plus, Hebrew speakers won’t have to compromise on their language when they are using computers, since software would be in Hebrew – Simplified Hebrew!

Friday, January 18, 2008

Big Oops

Sometimes, us system administrators, are blamed for loss of information. Such loss could render a system unusable, or just lack of information that is required to be restored from a backup. Recently, my team an I were blamed for at least two coincidences like that. In one of which, the user was the one to delete the information, and in the second, we still don't know what went wrong, but we're sure we had nothing to do with that. On both cases, we restored everything back to normal, at the price of few work days.
Such mistakes merely justifies the fact that users put their blame on us, since these sysadmins really are stupid. It's a shame they bring a bad name for all of us.