New intel box

I just finished up building a new intel-based box from parts. This is the first time I've tried to assemble my own, rather than buying a whole one. However, my brother has made several machines out of Shuttle cases, and they seem to work well. All the parts came from newegg - here's what I got:

1. Shuttle SP45H7 barebones case
2. Intel Core 2 Duo E8400 3.0ghz processor, 65 watts
3. 4 Gb Corsair DDR2 800 RAM
4. Optiarc/NEC/Sony AD-7220S SATA DVD burner

and some other parts I had lying around, including a nvidia GeForce 8800GS PCIe video card and a 500gb seagate drive.

On the whole, it was incredibly easy to assemble - took about an hour. Getting XP and Vista x64 on it in a dual-boot configuration took a bit longer, due to hassles with the BIOS. It was flaky when trying to boot from the SATA DVD drive in AHCI mode. It either wouldn't boot, would blue-screen the installer, or would simply fail to recognize that there was a 

For both XP and Vista, I had to switch the bios to IDE compatibility mode, install, make some registry hacks and install drivers, reboot, switch the bios to AHCI, and then continue. Details are available here with more detail here for XP. Vista was much easier. I tried all sorts of things, trying to avoid having to do manual registry hacks, but once I got over that and did what needed to be done to the registry, then it went pretty smoothly.

Gunpowder through the TSA security checkpoints

Wonderful posting, Linked to by Bruce Schneier. Wow.

Last day in Germany

I'm in Groß-Gerau, a bit southwest of Frankfurt. I recently finished up a workshop at Schloss Dagstuhl about the Data Documentation Initiative. Rather interesting (if you're in my line of work...).

I'm now visiting friends, and I head home tomorrow. Somewhat bittersweet - I've had a great trip and I've quite enjoyed visiting people I haven't seen in months or years, but I also miss my wife and kids, and I'm quite sure that she's ready to have me home.

Fun with IE6, SSLv2 and TLSv1

Internet Explorer pain

A consulting client of mine has a website with some security requirements that mandate the use of encrypted communications. The site had been running on Tomcat 4 on a Win2K server machine, with no particular tuning of how tomcat dealt with crypto. We kinda just dropped in the server-side cert and ran with it, back in 2003 or so.

We recently ran a nessus scan on the machine, which suggested that allowing SSL2 and weak ciphers was perhaps a bad idea. We were intending to retire the Win2K machine anyway and do some other software updates, so we decided to deal with this too. The new machine is a Win2003 R2 server running inside of VMWare, with Tomcat 6 running in a Java 6 JVM, and using the APR connecter rather than the tomcat standard connector.

We initially deployed with the following configuration:


<Connector port="443" protocol="org.apache.coyote.http11.Http11AprProtocol"
SSLEnabled="true" compression="on"
maxThreads="150" scheme="https" secure="true"
SSLProtocol="TLSv1"
SSLCipherSuite="HIGH:!SSLv2:!ADH:!aNULL:!eNULL:!NULL"
SSLCertificateKeyFile="conf/privatekey.key"
SSLCertificateFile="conf/site.crt"
SSLPassword="i_can_haz_crypto_k_thx_bye" />



this worked great with IE7, Firefox 2+, and Safari, but IE6 acted as if it couldn't find the site at all - as if it failed DNS resolution! We had some difficulty figuring out what was going on, but we ended up turning on SSLv3 as well as just TLSv1 in the SSLProtocol setting, like so:


<Connector port="443" protocol="org.apache.coyote.http11.Http11AprProtocol"
SSLEnabled="true" compression="on"
maxThreads="150" scheme="https" secure="true"
SSLProtocol="ALL -SSLv2"
SSLCipherSuite="HIGH:!SSLv2:!ADH:!aNULL:!eNULL:!NULL"
SSLCertificateKeyFile="conf/privatekey.key"
SSLCertificateFile="conf/site.crt"
SSLPassword="i_can_haz_crypto_k_thx_bye" />



and then things seemed much happier. This was particularly confusing, as our IE6 machine had "Support TLS" checked in the Tools->Internet Options->Advanced settings pane. Still not entirely sure what's going on, but turning on SSLv3 and leaving SSLv2 off appears to work.

Time to upgrade the world to Firefox.

Running

It's been ages since I've posted, so this is maybe not the deepest thing I've put up here.

I had a great 5-mile run today, despite getting rained on at the beginning. I did 5-mile runs on monday and tuesday too. Thursday I got stuck cleaning up a user's computer (he managed to find a new virus that Symantec had only heard about as of thursday AM), and left work late, so I had to bike rather than run.

Tomorrow, my little sister turns... um... (2008-1972=... um...) 36! I'm feeling kind of old. I turn 40 this year as well. Getting ancient!

For an obligatory funny - watch the Mythbusters guys explain why GPUs (the primary expensive, hot chip on your video card) are different from CPUs (the primary expensive, hot chip on your computer). It's quite amusing, and is a good illustration of parallel processing. 

Codeweavers Lame Duck presidential challenge

CodeWeavers, a generally cool company to begin with, is hosting a "great american lame duck presidential challenge". If Bush is able to meet clear, specific, and reasonable goals, CodeWeavers will give away their software for 24 hours - fully functional, fully supported, no charge. One copy per customer.

I hope they're able to give away a lot.

Sailing with Laurel and Ella

James and I went up to the boat this past weekend, to do a bunch of projects with my dad. Laurel and Ella were at my folks, attending a nature camp at Hartley Nature Center in Duluth. On Saturday, we went for a sail. We had really nice winds at the start, but then a thick fog came in from the lake. Laurel and Ella were a bit cold, and Laurel provided a demonstration of why kids and expensive digital SLR cameras don't mix. Luckily, I don't have an expensive digital SLR camera - I've got an olympus C-8080. Clearly, I'm missing an important filter - but what kind of filter do you use to filter out kid spit? 

Major Time waster coming... when?

Ironically, I just started re-playing Diablo II with a paladin - a character class I had never played when the game was relatively new. Turns out it screams on modern hardware. ;-)

Re-reading the mythical man month

I've been re-reading The Mythical Man-Month by Fred Brooks (20th anniversary edition), in particular the "The Mythical Man-Month after 20 years" chapter. I'm amazed that he basically presages large parts of The Agile Manifesto - which was written down in 2001 and was viewed by some as radical. 

The manifesto states, in short:

• Individuals and interactions over processes and tools 
  
• Working software over comprehensive documentation 
  
• Customer collaboration over contract negotiation 
  
• Responding to change over following a plan
  

We value the things on the right, but we value the things on the left more.

In practice, these are often realized with practices like iterative, incremental development, automated unit tests, daily or continuous integration, empowered teams (a la scrum), daily short stand-up meetings to keep everyone in synch, among others.

Some of the section titles in Brook's essay are:

• An Incremental-Build Model Is Better - Progressive Refinement
  
• Microsoft's "Build Every Night" Strategy
  
• People Are Everything (Well, Almost Everything)
  
• The Power of Giving Up Power
  

I think it's wonderful that a lot of the ideas that "agile development" pushes in fact have very very deep and old roots in the history of software development.

Alas, amazon - we hardly knew ye

I've never seen this before, and it's a little scary. Amazon.com is down. This was taken on 6/6/08, at 12:20 PM central time.

Seeing rush again

Rush played in St. Paul on 5/22/08. I went to see the show with Len and James. Here's the set list:

Limelight
Digital Man
Ghost of a Chance
Mission
Main monkey business
Larger Bowl
Red Barchetta
Trees
Spinning Wheels
Dreamline

"What's that smell?"
Far Cry
Workin' them Angels
Armor and Sword
Spindrift
Way the wind blows
Subdivisions
Natural Science
Witch Hunt
Malignant Narcissism
Drum Solo
Hope (guitar solo)
Spirit of Radio
2112 Overture/Syrinx
Tom Sawyer

One Little Victory
Passage to Bangkok
YYZ

Troubleshooting SPSS 16 uninstall for Mac OS/X Leopard

SPSS 16 EVAL is EVIL.

I've been using SPSS 16 for Mac OS/X for a quantitative analysis class. I had been using a licensed copy on my mac book pro, and recently installed the eval version on my mac pro - more and faster CPU cores, more and faster memory, more and faster disk; seemed like a good idea to run it where it'd go faster, but I didn't want to pay for two licenses.

Well, the 14 day eval expired, and so I uninstalled it. And then Finder crashed. And crashed. And crashed some more. And kept on crashing. And continued to crash even after a reboot.

I was able to get into System Preferences, turn on sshd, and log in remotely, and look at /var/log/system.log. There were a ton of messages that looked like this:


May 5 15:33:32 lennybruce Finder[208]: [QL ERROR] Can't get plugin bundle info at /Applications/SPSSInc/SPSS16EV/SPSS16.0.app/Contents/Library/QuickLook/SPSSQL.qlgenerator/
May 5 15:33:33 lennybruce ReportCrash[196]: Formulating crash report for process Dock[207]
May 5 15:33:33 lennybruce ReportCrash[196]: Saved crashreport to /Users/pclark/Library/Logs/CrashReporter/Dock_2008-05-05-153331_lennybruce.crash using uid: 501 gid: 20, euid: 501 egid: 20
May 5 15:33:33 lennybruce com.apple.launchd[115] ([0x0-0x44044].com.apple.dock[207]): Exited abnormally: Bus error
May 5 15:33:34 lennybruce ReportCrash[196]: Formulating crash report for process Finder[208]
May 5 15:33:34 lennybruce Dock[209]: [QL ERROR] Can't get plugin bundle info at /Applications/SPSSInc/SPSS16EV/SPSS16.0.app/Contents/Library/QuickLook/SPSSQL.qlgenerator/
May 5 15:33:35 lennybruce Spotlight[123]: [QL ERROR] Can't get plugin bundle info at /Applications/SPSSInc/SPSS16EV/SPSS16.0.app/Contents/Library/QuickLook/SPSSQL.qlgenerator/
May 5 15:33:35 lennybruce com.apple.launchd[115] ([0x0-0x45045].com.apple.finder[208]): Exited abnormally: Bus error
May 5 15:33:36 lennybruce ReportCrash[196]: Saved crashreport to /Users/pclark/Library/Logs/CrashReporter/Finder_2008-05-05-153332_lennybruce.crash using uid: 501 gid: 20, euid: 501 egid: 20


The solution was to blow away the /Applications/SPSSInc folder that the uninstaller had left in place. This could be done either from a ssh connection, or from another login, or perhaps even by booting from the install DVD. Once that folder was gone, Finder came right up. Problem solved, back to crunching numbers on the MPB.

Adding insult to self-inflicted injury

So, yesterday (April fools day, no less), Microsoft held their Windows Server 2008 product launch event in Minneapolis. I got there late, since I had class, and got the software bundle they were handing out. These events usually include free copies of the products being launched - in this case, Win Server 2008, SQL Server 2008, and Visual Studio 2008. Much to my surprise, there was also a copy of Vista Ultimate with SP1. This is a $289 product if you were to buy it from Amazon.com. And there it was, right in the software bundle. I've been to a number of other Microsoft software launches, and they've never included a free copy of XP - not even for the XP launch!

I guess vista's market presence is so bad, that although it would be unfair to say that Microsoft can't give it away, giving it away is what they're doing.

That's the self-inflicted injury part.

The insult part is that I'd actually be happy to have a copy of Vista Ultimate, and I'd use it in place of the Vista Business installation that I'm running now. Unfortunately, Microsoft only gave out 32-bit vista ultimate, and I'm running 64-bit Vista Biz at home. I'm not really all that interested in running 32-bit OS if I can help it anymore (other than that copy of XP I've got floating around for gaming).

So tired of winter

Don't get me wrong - I love winter. I love snow. I love skiing. Earlier this year, Laurel and I went skiing and she progressed from being scared of the "magic carpet" conveyer belt to riding on the chairlift and bombing the hills.

But it's nearly april, and there's still snow on the ground. I want to go running. I want to bike to work. I want the snow to melt and have spring.

In other news, Bea and I went to see the new Horton Hears a Who movie. Good fun - I especially liked the anime-like scene where Horton is fantasizing about his strong kung-fu. And very appropriate for a 3-year-old.

Bea has been interested in reading The Cat in the Hat Comes Back, which isn't a particularly interesting story until you make the (rather obvious) connection to recursion. If you haven't read the book but you know what recursion is, go read it and chuckle knowingly to yourself.

Dual Monitors rock

The Wall Street Journal has cited some research from Utah that dual monitor rigs are significantly more productive for knowledge workers and engineers than single monitors. Turns out, Al Gore already knew this.