Category Archives: Computers

Update Manager hangs in Ubuntu 8.04 (and how to fix it)

Posted on by
39

Last month I upgraded my notebook from Ubuntu 7.10 to 8.04 (“Hardy Heron”). Since then, whenever I tried tried to install the up to 133 updates that had become available, the Update Manager would hang indefinitely instead of prompting me for the user password.

If you’re in the same situation, the following tips might help you. Edit /etc/hosts with an editor of your choice (e.g. sudo vi /etc/hosts). There should be two entries with IPv4 addresses starting with 127.0.x.x, like this:

127.0.0.1 localhost
127.0.1.1 mycomputername.mydomain

Remove the domain name from the entry starting with 127.0.1.1, leaving only the computer name and save the file. Now try again.

When I made this change I got the password prompt as expected and all the updates where downloaded and applied.

Microsoft does listen to (some of) its users

Posted on by
Reply

Two weeks ago, Infoworld magazine launched a “Save Windows XP!” campaign. Within 5 days, over 164,000 people signed it, demanding that Microsoft do not end OEM and shrinkwrapped sales of Windows XP on 30 June 2008 as announced, but keep it on the market indefinitely. Microsoft did not seem impressed, as the following quote in PC World shows:

The spokeswoman said Microsoft is aware that some customers are pushing for an extension to the deadline — more than 160,000 people have signed a “Save XP” petition launched by Infoworld magazine, for example. But the company has also done its own research among partners and customers, and feels that “the dates are right,” she said, speaking on behalf of Microsoft.

“We feel we’ve made the right accommodations for customers in certain segments who may need more time to transition to Windows Vista,” she said. “But as [Microsoft CEO] Steve [Ballmer] noted, we maintain a constant stance of listening to our customers and our partners. That’s what is guiding our plan, and will continue to guide us going forward.”

I don’t know who Microsoft listens to, but personally I don’t know a single person who prefers Vista over XP. Some of the comments I hear are unprintable. Yesterday, a friend of mine allowed Windows Update to install some updates to his copy of Vista and since then he’s been unable to access the network. Many coroporates still maintain a blanket ban on it and stick with XP.

On the other hand, quite a number of Mac and Ubuntu fans are simply thrilled how much Vista has contributed to driving up interest in their platforms of choice.

Still, I suppose amongst hundreds of millions of Internet users there must be some who are genuine fans of Vista, despite its well documented shortcomings. When Microsoft claims that its death sentence for XP was based on user input, it may not exactly be lying: I suppose most Microsoft shareholder are Microsoft software users too.

Forcing people to buy a more expensive operating system may boost Microsoft’s revenue in the short term. In that sense, it may be in the interest of those users who also happen to be its shareholders. In the long term however it never pays to ignore your customers’ needs. About twenty years ago, IBM tried to force the PC market to switch to its proprietary Micro Channel Architecture (with IBM PS/2 range). The result was that IBM lost control of the PC market place to Compaq and other companies who took over. Microsoft is every bit as arrogant now as IBM was back then and it will suffer the consequences.

Ubuntu 8.04 LTS released

Posted on by
Reply

The latest version of Ubuntu, the most popular desktop version of Linux on the market, was released on Thursday, 24 April 2008.

New versions are released every six months and labelled after the release year and month, therefore the latest will be known as 8.04, replacing 7.10. The “LTS” suffix stands for “Long Term Support”, as this version will be supported for three years.

The new version, code named “Hardy Heron” bundles the new FireFox 3.0 web browser, updates to photo management and video and music-related features. It can also install on top of an existing copy of Windows without the need to repartition the hard disk. This lowers the barrier to entry for new users who, if they’re not happy with Ubuntu, can always remove it using the Windows Control Panel, just like any other Windows application.

If you have a bittorrent client such as uTorrent, you can download ISO images of install CDs and DVDs via this page:

http://torrent.ubuntu.com:6969/

Links:

Yahoo! Mail “0000-00-00 and 9999-99-99” bug

Posted on by
3

You may have noticed emails from Yahoo accounts recently that include the string “between 0000-00-00 and 9999-99-99” at the bottom of the email. Apparently it gets added to outbound email only on new emails that were composed.

It’s a bug in Yahoo which crept in on April 15 during an upgrade. It’s an issue related to accessing the MySQL database and a date / time comparison. There is no way for Yahoo! Mail users to fix the problem, but it also doesn’t appear to cause any harm beyond thoroughly confusing everyone.

Yahoo is aware of the problem. Their current statement on it is:

“Please be assured that we are aware of this issue and have escalated this to our Engineering Department for further investigation. We hope to have it resolved as soon as possible”.

First impressions of Vista and Ubuntu

Posted on by
12

Last week I was on a business trip to the USA and decided it was finally time for me to buy a new notebook computer. Here in Japan it’s difficult to get machines with US keyboards.

My previous one was a 650 MHz Pentium III whose RAM was maxed out at 512 MB while my main desktops and servers have 2 GB or more. Lack of RAM slows down PCs much more than a slow clock speed does. People who buy entry level Vista machines equipped with only 512 MB would be better off with a sub-1 GHz CPU but a full 1 GB of RAM.

I picked a Gateway M-6750 with a 1.66 GHz Core 2 Duo CPU, a 250 GB 3.5″ hard disk and 3 GB of RAM. It comes with a built-in microphone and webcam, very handy for Skype-addicts like me.

Every single machine at Best Buy and Circuit City that I looked at came with some form of Vista preinstalled. Microsoft sure does not want to give customers any choice whether they stick with XP. Ideally, I would have wiped off Vista and installed Windows XP on it. Until now I had kept my office a Vista-free zone, but knowing that occasionally I will needed to test some software on it, I stuck with it for the new machine.

I spent some time reconfiguring the Vista desktop to be as Windows 2000 and XP-like as possible. The constant alerts to permit some actions I had requested soon became annoying. Often a single operation results in the user having to agree two or three times. Inevitably, agreeing to anything without giving it much thought soon becomes a habit. Does Microsoft seriously believe that training users to constantly click “Allow”, “OK”, “Yes” will lead to a noticeable gain in security?

So far I have seen little reason for anyone to upgrade from Windows XP or Windows 2000 (my favourite Windows version) to Vista. Sure, there is plenty of new eye candy, but who but the makers and vendors of graphics chipsets, CPUs and RAM benefits from that? Users spent countless hours relearning the user interface and getting old application working (or replacing them). Even for upgrades from Vista to Vista Service Pack 1 there were so many land mines that Microsoft decided to hold off general availability of SP1 via Windows Update for several more months.

One of the reasons I picked this model was its large hard disk, because I was planning to also run Ubuntu. I downloaded the ISO image and burnt it to DVD using the burner software included with Vista. Ubuntu initially boots off a live DVD that includes an installer. The installation was fairly straightforward. The installer shrank the Windows NTFS partition to make space for Ubuntu. After the main installation it downloaded close to 200 updated packages and fixes, then it was all done. The default configuration took up only 2.4 GB of disk space.

I was impressed that I can access shared folders and volumes on Windows machines from Ubuntu, as well as being able to read files in the NTFS (Windows Vista) partition on the drive.

There were two driver issues however, which I have yet to resolve [now partly resolved, see updates below!]:

  • The sound hardware is missing a driver. The loadspeaker symbol in the top right corner of the desktop is showing disabled and I can’t get sound output on the builtin speakers.
  • The builtin wireless card doesn’t appear to be suppported. I can only connect to the LAN and internet by using a wired connection.

In general, driver support in Ubuntu is good, but there are obviously still some rough edges. It would help if Gateway and other manufacturers were to offer pre-configured Ubuntu machines, as Dell already does.

Similar driver issues can occur on Vista. In fact, last week I was helping set up an AOpen MiniPC, which had been upgraded to Vista after a memory upgrade from 512 MB to 1 GB and it also had issues with its wireless, which wasn’t supported until a couple of Windows Update runs.

I think Linux and in particular Ubuntu will become an increasingly serious challenger to Microsoft’s de-facto monopoly on the desktop and not before time.

Update, 2008-03-14:
Ubuntu 7.10 (“Gutsy Gibbon”, released in October 2007) detects the sound hardware on this Intel chipset, but there doesn’t seem to be a driver for it yet. When I enter ” lspci -v” at the shell prompt, it lists this:

00:1b.0 Audio device: Intel Corporation 82801H (ICH8 Family) HD Audio Controller (rev 03)
Subsystem: Gateway 2000 Unknown device 0380
Flags: fast devsel, IRQ 22
Memory at fa500000 (64-bit, non-prefetchable) [size=16K]
Capabilities: [50] Power Management version 2
Capabilities: [60] Message Signalled Interrupts: Mask- 64bit+ Queue=0/0 Enable-
Capabilities: [70] Express Unknown type IRQ 0

I checked the sound drivers for Intel chips listed at http://www.alsa-project.org/main/index.php/Matrix:Vendor-Intel and it appears the ICH8 chipset is not supported yet.

Update, 2008-03-18:
The Marvell TOPDOG wireless adapter is now working with Ubuntu, by following the advice given by others and installing the Windows 2000/XP drivers for the hardware using ndiswrapper. I had first tried the Vista driver, but had no luck with that. The Ndiswrapper project page on SourceForge specifically recommended to avoid Vista drivers and use Windows 2000 or XP NDIS drivers. For PCI device ID 11AB:2A08 you need the NetMW14x.inf file which references the two driver files NetMW143.sys (for Windows 2000) and NetMW145.sys (for Windows XP).

The following threads and instructions proved very helpful, please read them both if you have the same problem as I did:

  1. https://help.ubuntu.com/community/WifiDocs/Driver/Ndiswrapper
  2. http://ubuntuforums.org/archive/index.php/t-575785.html

Here is what I did after installing the Ndiswrapper software and copying over the Windows drivers from a Windows machine where I had run the installer:

$ sudo ndiswrapper -i NetMW14x.inf
installing netmw14x …
$ sudo ndiswrapper -a 11ab:2a08 netmw14x
WARNING: Driver ‘netmw14x’ will be used for ’11AB:2A08′
This is safe _only_ if driver netmw14x is meant for chip in device 11AB:2A08
$ sudo ndiswrapper -l
netmw14x : driver installed
device (11AB:2A08) present

After that I followed the instructions for Configuring Wireless Network Settings. Voila! Wireless network connectivity under Ubuntu anywhere in the building!

Update, 2008-04-16:
Drew’s advice on how to get sound working did the trick for me too: I can now use the audio on my Gateway M-6750. I ran this as he suggested:

sudo apt-get install linux-backports-modules-generic

and restarted the machine. Thanks, Drew!

Our site got hit by a Denial-of-Service attack

Posted on by
9

From November 9 to November 19 two of our domains were unter attack by cyber-criminals. Due to a Distributed Denial-of-Service attack (DDoS) involving thousands of remote controlled zombie computers directed from a secret control centre, some of our sites were inaccessible for several days.

First we received an automated warning email from our webhost, which gets triggered if a certain amount of traffic per hour is exceeeded. I started blocking IP addresses of hosts with an excessive number of connections using iptables in Linux, but could not keep up: The server became unreachable. I was left with no choice but to pull the emergency brake, i.e. to replace the IP address of the server with a non-routable IP address such as 127.0.0.1 (loopback address).

I then moved the affected website to a backup server and reenabled it there. The new server was running a later Linux kernel than the old one. If you get DOSed, make sure you have Linux kernel 2.6, which is more suitable for reconfiguration to make it more resilient against such attacks.

After a number of days, other hosts names on our server that had not been disabled were also added to the list of attack targets.

As a result of the tweaks on the new server the sites stayed up most of the time, but the bandwidth usage was tremendous. During one hour the attacking bots generated more than 31 GB of traffic. On that peek day the traffic on that server came to 152 GB, even though we added over 4000 different IP addresses of attacking hosts to the blocklist.

Clearly, anyone who doesn’t have an unlimited traffic allowance for his hosting account would be in trouble with such huge numbers, even if the machine and operating system were able to keep up. Once they exhaust their monthly allowance they would either have to start paying for extra Gigabytes or the server gets disconnected, or the network speed gets throttled down, which would make the site virtually unreachable.

After 10 days the attacks started winding down. By that time we knew where the control center of the botnet was located. It was hosted by a company called AbdAllah Internet Hizmetleri in Turkey. Its upstream provider is TurkTelekom. The IP address range used by the hoster is listed by anti-spam site SpamHaus.org as being used for “Ukrainian/Russian cybercriminal hosting”.

During or shortly after the attacks against our servers, the same botnet also attacked the following sites:

  • newgeneration.lv
  • streamingvideosoftware.info
  • www.kety.org
  • anriintern.com
  • datingsoftware.org

This target list ranges from an anti-spam website (ours) over an evangelical church site to sites related to adult videos.

Distributed denial of service attacks are a mortal danger for any website. There are few effective countremeasures, except load sharing with many fast servers connected via fat data pipes, but even that is no match for some of the largest botnets such Storm. Attacks are used to intimidate, to silence or to extort “protection money”. Victims have little hope of getting effective help from law enforcement.

What needs to happen? First of all, the number of infected computers needs to decrease. Unsecured broadband hosts that come under criminal control are a public menace. Webhosts need to take effective action against botnet control centres. Unlike the actual bots, which are mostly running Windows XP, most of the botnet control centres run on Linux servers in data centres. Hosters must not turn a blind eye to this. If they do that because of money from criminals then their upstream providers must disconnect them.

Gmail raises limit to 4 GB (and counting), but you might hit it sooner

Posted on by
1

When Google introduced it’s free email service it offered 1 GB of space, much more than the competition at the time. Later the limit was doubled to 2 GB. It has been increasing on a counter since: As you watched you could see the KB figure of the limit steadily increase.

Two GB for email will last forever, right? Not quite. As a longtime Gmail user I first managed to hit the ceiling on one account less than two months ago, at 2.9 GB and therein lies a lesson, because I managed to hit the limit twice, for different reasons.

I was accessing the account in question via POP3. Mails were arriving in large numbers and I was picking them up from a mail client (Outlook Express via my spam filter), which explicitly deletes them from the mail server after pickup. Only my local hard disk should keep a copy. Nevertheless after some months all 2.9 GB on the account were in use and mails started getting rejected for lack of space.

I found I foolishly had opted to leave mails in the Gmail account even when the mail client had requested the mails to be deleted the from the server via POP3. Mails are either kept, archived or deleted. Gmail gives you that flexibility, but it means you can run out of space when you shouldn’t.

After mails started bouncing I went in and reconfigured the account to have any mails deleted that had been picked up via POP3. To create a safety margin I also went in and deleted several tens of megabytes of the oldest emails and emptied the trash, so the files were permanently deleted.

Soon after that mails bounced again. Here is what I found: When Gmail is configured to actually delete mails when a POP3 delete request arrives, it will not free up the space. It only moves the mail to its trash folder. It will not purge deleted emails from the trash if it runs out of space. Unless you go in manually, all these mails will stay around for another 30 days.

What this means in practice is that you need to leave enough space in your Gmail account for 30 days worth of email traffic or you’ll run out of space. Alternatively you periodically need to go in manually and tell Gmail to discard everything in the trash folder. If your monthly mail volume exceeds the Gmail mailbox limit you have no alternative but to manually empty the trash every couple of days.

The situation has eased a little bit because Gmail recently made more storage available, letting the limit count up rapidly to 4 GB and beyond, instead of the previous 2.9 GB. Paying customers get even more storage space.

Google’s intention with giving users more space is clear: They want their customers to keep files online, where they can be searched and edited with Google’s server-hosted online tools, rather than the desktop applications such as Microsoft Office that have been Microsoft’s cash cow until now. Google makes money through online ads, so it wants eyeballs on server-based applications such as Gmail which it controls.

I am not sure how well that strategy will work in the end. Personally I prefer to have all my data on a hard disk in my office or home, duplicated onto USB hard disks for security. I do not trust any company to always give me access when I need to. That’s why I use POP3 and not IMAP for email. If the server goes down I still have my data.

If I need to get access to my files while I’m away from home I will access my machines using remote access tools. Some people may feel like me, others like the idea of files that can be accessed from any PC via a website.

Irrespective of the success of server based file storage, even on the desktop there are now good alternatives to Microsoft Office, such as OpenOffice 2.3 which I have started using. I can view and edit just about any Microsoft proprietary data file without paying hundreds of dollars.

Between server-based tools offered by Google and others, full featured free Office competitors and increasing acceptance of Ubuntu and other Linux versions on the desktop and last but not least Microsoft’s toad called Vista that it hoped its user base would swallow eagerly, I can see trouble brewing for the monopolist in Redmont.

Update (2007-10-26):
A table in the source code of Gmail’s HTML pages reveals their planned schedule for increasing space. After reaching 4321 MB by October 23, the limit will steadily rise to reach 6283 MB by January 4, 2008. From there onwards the pace will slow down again, rising only about 1 GB per year. Of course they can revise this schedule any time, so your mileage may vary 😉

// Estimates of nanite storage generation over time.
var CP = [
[ 1175414400000, 2835 ],
[ 1192176000000, 2912 ],
[ 1193122800000, 4321 ],
[ 1199433600000, 6283 ],
[ 2147328000000, 43008 ],

Anti-Fraud sites under attack

Posted on by
3

Several of the main sites dedicated to fighting online scams are currently inaccessible because of a “Denial of service” (DoS) attack.

Fraudwatchers.com, aa419.org, 419eater.com and occassionally thescambaiter.com have been offline. Thescambaiter.com and 419eater.com are two of the oldest sites that fight “419” scams (named of the section in the Nigerian penal code that prohibits fraud). Fraudwatchers.org and aa419.org deal with a wider range of online scams, Nigerian scams as well as Escrow and commercial scams often run by Eastern European crime rings.

It is still unclear who is behind the attack. The selection of websites for this concurrent attack suggests Nigerian scammers, but technically the type of attack is more typical for Eastern European scammers. It may well be a sign of increased cooperation between both crime communities.

The exposure of websites to the danger of cyber attacks in a more and more net-centric world was highlighted earlier in the year when websites in Estonia were crippled for several days in large scale attacks, many of which originated from next-door Russia, with which Estonia has had a strained political relationsship.

Throughout this year criminals have been building the Storm botnet, a network of remote-controlled zombie computers infected with Malware that lets the criminal masters download and run any software on them that they chose. So far the Storm botnet has been used primarily fo sending pump-and-dump penny stock spams (see here). However, experts estimate the network as being comprised of between 1 and 10 million computers, far larger than needed to spam every computer on the planet. It’s probably the only peer-to-peer network comparable in size to eBay’s voice-over-IP giant Skype, which currently has 4 to 7 million concurrent online users.

Botnets have the potential to cripple the information infrastructure that countries increasingly rely on. Greater efforts need to be made to prevent infections, clean up or quarantaine infected computers and to track down the criminals who control them.

Robert Scoble on “How Bill Gates beat Gary Kildall”

Posted on by
Reply

Gary Kildall, creator of CP/M, the first industry standard operating system for personal computers

If you’re interested in the history of personal computers and the software industry, Robert Scoble’s one hour show on “How Bill Gates beat Gary Kildall in OS war” is well worth watching. In an interview Tom Rolander, who worked with Gary Kildall when IBM came to talk about an operating system for their yet unannounced PC, talks about how Microsoft came to pick up the contract that set the foundation for its Windows empire, while DRI lost it’s role as the operating system standard of the early microcomputer industry.

Also mentioned is the dismissal of a lawsuit by Tim Paterson, the author of QDOS aka SCP-DOS, which was renamed IBM PC-DOS and MS-DOS by IBM and Microsoft. You can download the ruling here. Paterson had sued author Harold Evans for defamation after being mentioned in a chapter of Evans’ book “They Made America” on Gary Kildall.

On July 25 judge Thomas S. Zilly ruled that:

Plaintiff Tim Paterson has failed to provide evidence that statements in Sir Harold Evans’
chapter on Gary Kildall are provably false or defamatory. The statements in the Kildall chapter constitute non-actionable opinion protected by the First Amendment, or statements
that are not provably false. In addition, as a limited purpose figure Mr. Paterson has failed to
provide any evidence that Sir Harold Evans acted with actual malice.

CrossLoop beta released

Posted on by
Reply

CrossLoop, a secure screen sharing utility for anyone who uses a computer with a broadband connection, is now in beta testing. If you use computers you sooner or later encounter problems where you need somebody’s help to solve them. Often it can be difficult to describe the symptoms or the solution. Whether it’s helping a parent or a customer, CrossLoop makes remote problem solving and cooperation easy and intuitive. Installed and running in under two minutes, it lets you share access to the same computer, looking at the same screen and (optionally) with shared use of the keyboard and mouse. It’s also handy for running a slide show or demonstrating the use of some software to someone hundreds or thousands of kilometres away. Complex software installations, remote troubleshooting — it’s almost like you’re both sitting in front of the same computer. CrossLoop does this without complex setup such reconfiguring routers and firewalls and leaves no backdoors. All data is securely encrypted using 128-bit encryption, so no one can snoop in. And it’s all free 🙂

CrossLoop

Disclaimer: I work for the company that makes this product. As someone who lives in Japan, with family, friends and colleagues in Europe, the USA and elsewhere this is a natural product for me to work on and use myself.

Other blogs that talk about CrossLoop:

You can add comments and ratings to the digg review mentioned above by clicking the “join digg for free” link below the list of user comments.