You are here: Kaedrin > Weblog > Archives > October 2004

Kaedrin Weblog
« September 2004 | Main | November 2004 »
Sunday, October 31, 2004

MT Success!
After a week of Movable Type installation and upgradation woes, I hath finally vanquished mine enemy and emerged victorious. My tale is long and breathtakingly boring, so I shall not curse thou with the banal details of my struggle without warning. But for posterity, and because some people may have the same problem as me, I shall recount my tale of woe and weary, as well as how my foul enemy was finally defeated.

So las week I embarked on a quest to upgrade Movable Type to the new version. I also figured it would be a good idea to upgrade my database from the once preferred Berkeley db to MySQL. SixApart, the developers of MT, were thoughtful enough to provide a utility (mt-db2sql.cgi) that loads the data from Berkely db to MySQL, say thankya. However, after backing up all my data and following all necessary steps, I ran the script and was baffled by the response. "MySQL server has gone away," it said. Repeated attempts were to no avail. A helpful poster at the MT Support Forums found the error in the MySQL documentation. Said documentation seemed to indicate that this was a server timeout problem. I opened a support ticket with my host and they confirmed that "We do have some limits in place that restrict the amount of time queries can run for, or how much memory they may consume."

At this point I almost despaired. This was about 3 days after the initial attempt, and my lack of progress was depressing. But, in my desperation, I set the script up to run again, and asked my host to run it for me, figuring that they would be able to run it as an admin (or otherwise get around the query limits on the server). My host graciously agreed, and ran the script for me. Checking the database with PHPMyAdmin, I could see that all the pertinent data was in the appropriate location. Victory is mine! Or so I thought.

Overjoyed at finally completing the data load, I anxiously logged in to MT. Alas, it was not to be. I logged in, and saw that neither of my blogs was appearing. What foul devilry was this? I could see my profile information and the Activity Log, but I could not view (and thus, I could not edit) either blog. Even more frustrating, the MT System Stats box showed "Total Blogs: 2." This meant that MT was getting data from MySQL, but that not all of it was showing up.

Again, I almost despaired. Subsequent posts to the MT Support Forum did not produce any results. For three days, I languished in agony, and in moments of weakness, I debated switching back to Berkeley db. But this morn, I decided to give the MT Support Forums one last check, and though no one had responeded to my pleading posts, I did find one post in another forum on another subject, which proved to be most helpful.

In short, that post contained links to a few useful configuration utilities, including the glorious MT-Medic. After downloading, configuring, and installing MT-Medic, I saw that my Username in MT no longer had the correct permissions set. For whatever reason, mt-db2sql.cgi did not transfer over said permissions when it ran, and thus my Username did not have permission to see my blogs. MT-Medic allowed me to fix this problem quickly and easily. (I must also thank the Multiple Blog Suite for help in diagnosing the problem).

With that demon slain, I was able to log in to MT and write this entry. Success was finally mine. I can finally post again, and upgrade MT-Blacklist so as to prevent massive comment spamming (apparently, spammers found a way to submit comments even during the period of limbo). So there you have it. If you're still reading this and wondering what the hell I'm blathering about, please accept my apologies, but I figured this post could be a help to others who will no doubt suffer from this problem in the future.

Update: Well then, it seems my celebrating was a bit premature. It turns out that none of my templates made the switch, and so when I tried to publish this entry it didn't show up. So I switched back to Berkeley db, copy/pasted all of the templates into files, which I then imported into the MySQL version of MT, at which point I was able to publish this. Yes, so another helpful hint: Use the link this template to a file feature. Again, apologies to those who have no idea what I'm talking about...

Again Update: It seems that in the conversion process, all of my entries lost their category associations. Odd. So the category archives might be acting funny until I can go back and recategorize everything. Given MT 3.x's new subcategory feature, this might not be a horrible thing, but still, another thing to be aware of...
Posted by Mark on October 31, 2004 at 10:16 AM .: link :.

Sunday, October 24, 2004

Life & Art in Wartime Baghdad
Oil Painting by Esam PashaYet another Baghdad Journal from Steve Mumford. For those unfamiliar with Mumford's work, he is a New York artist who has gone to Iraq a number of times and posted a series of excellent articles about his travels. They usually provide a much different perspective on the happenings in Iraq than you're used to seeing in the media. In this latest installment he describes a run-in with the mehdi army (he meets them in a falafel place where one of them asks him, "Mister, you like Muqtada?" Talk about a loaded question!), among other less scary but still concerning anecdotes (this entry seems to portray a more dangerous Baghdad than previous entries), and as usual he has posted some excellent artwork. The art seems a little more detailed than usual, and he also posted a piece from Iraqi artist and friend Esam Pasha (pictured to the right) as well as some photographs of various friends and artwork. Very cool stuff. If you liked this installment, I've collected all of the Baghdad Journal entries here for easy access. Highly recommended reading.
Posted by Mark on October 24, 2004 at 11:36 AM .: link :.

MT Upgrade
I'm in the process of doing some upgrades and maintenance to the site. I've just upgraded to Movable Type 3.121, which went pretty well. Some nice new functionality, and I'm glad it was available in a free version for people like me who only have one weblog with one author and don't post all that often.

Next up is converting from Berkeley DB to MySQL. I actually tried this before I upgraded, but it keeps crapping out on me (I get this error, which I'm sure is a host thing, but they have yet to get back to me). Hopefully I'll get that resolved in the next few days, as I'm told that MySQL is much better in terms of performance.

All of which is to say that you might experience some wierdness in comments and whatnot (wierdness as in not working, not people like myself making strange comments). Other site maintenance is afoot as well (believe it or not, this site is more than just a weblog), so keep an eye out...

Update 10.26.04: Still no luck with converting to MySQL. I may have to stick with Berkeley for the time being. Anyway, comments were down for a good portion of the day today, and may be going down again soon. Also, for now, comments need to be approved before they show up. Sorry for any inconvenience.
Posted by Mark on October 24, 2004 at 10:59 AM .: link :.

Saturday, October 23, 2004

The new Slashdot interview with Neal Stephenson is an unexpected treat. Not only are the questions great, but Stephenson's responses are witty and somewhat more profound (and much longer, as he had time to compose answers to some of the more difficult questions). As Nate points out, one of the more enlightening answers deals with the much rumored feud between Stephenson and William Gibson:
I was doing a reading/signing at White Dwarf Books in Vancouver. Gibson stopped by to say hello and extended his hand as if to shake. But I remembered something Bruce Sterling had told me. For, at the time, Sterling and I had formed a pact to fight Gibson. Gibson had been regrown in a vat from scraps of DNA after Sterling had crashed an LNG tanker into Gibson's Stealth pleasure barge in the Straits of Juan de Fuca. During the regeneration process, telescoping Carbonite stilettos had been incorporated into Gibson's arms. Remembering this in the nick of time, I grabbed the signing table and flipped it up between us. Of course the Carbonite stilettos pierced it as if it were cork board, but this spoiled his aim long enough for me to whip my wakizashi out from between my shoulder blades and swing at his head. He deflected the blow with a force blast that sprained my wrist. The falling table knocked over a space heater and set fire to the store. Everyone else fled. Gibson and I dueled among blazing stacks of books for a while. Slowly I gained the upper hand, for, on defense, his Praying Mantis style was no match for my Flying Cloud technique. But I lost him behind a cloud of smoke. Then I had to get out of the place. The streets were crowded with his black-suited minions and I had to turn into a swarm of locusts and fly back to Seattle.
Heh. Stephenson apparently fought Gibson two times after that, and the interview is worth reading just because of that answer... but the whole thing is worth reading, especially his answer regarding why genre and popular writers don't get the literary respect they deserve (or don't, depending on your point of view). [Thanks again to Nate for pointing this out to me, who, in my work induced haze, had missed it entirely]

Update: Just for fun, I checked out Stephenson's homepage and found this picture of the entire Baroque Cycle manuscript:

Again Update: Holy Crap! Stephenson t-shirts? And they look cool too! Why was I not informed? Damn you monkey research squad!
Posted by Mark on October 23, 2004 at 12:04 PM .: link :.

Sunday, October 17, 2004

Dark Tower & Adaptation
This is yet another entry in a series of somewhat repetitive posts about Stephen King's Dark Tower series, particularly how it is going to end. Previous installments are here: [part 1 | part 2 | part 3] Spoilers Ahead:

I've often felt that King doesn't know how to end his novels - it seems like he is just making it up as he goes along. It's a shame because he does come up with some pretty intriguing concepts, and he knows how to get you to turn the page, but as compelling as some of his ideas are, he often ends up backing himself into a corner. He sometimes manages to weasel his way out of it, but other times the ending is just unsatisfying.

The Dark Tower series was different than his other work, though. It had a broader scope than his other books. It is an ambitious effort, telling the epic story of Roland, the last gunslinger, and his quest for the Dark Tower, and King has often described it as his opus. All along, though, I was bothered by the nagging suspicion that he didn't know how to end the series. It seemed like he was making it up as he went along, and that he was backing himself into a corner. He already did as much within the series, in the third volume called The Waste Lands, which he describes in the Author's Note thusly:
I am well aware that some readers of The Waste Lands will be displeased that it has ended as it has, with so much unresolved. I am not terribly pleased to be leaving Roland and his companions in the not-so-tender care of Blaine the Mono myself, and although you are not obligated to believe me, I must nevertheless insist that I was as surprised by the conclusion to this third volume as some of my readers may be. Yet books which write themselves (as this one did, for the most part) must also be allowed to end themselves, and I can only assure you, Reader, that Roland and his band have come to one of the crucial border crossings in their story, and we must leave them here for a while at the customs station, answering questions and filling out forms.
He had ended The Waste Lands with a cliffhanger, but didn't continue the story for a few years! But the new volume came, and resolve the cliffhanger it did. But in a sense, I could always tell that the story was leading somewhere, and there was always a nagging thought in the back of my mind about how he was going to end it (or even if he was going to end it). So when the new novels started coming out last year, I began noticing bits and pieces of the books which lead me to believe that I wasn't going to be happy with the ending. At times, it is difficult to shake the notion that King is overtly attempting to warn the reader that the ending isn't going to be satisfying. It is almost as if King realizes that he's written himself into a hole, and doesn't really know the way out, and is trying to subtly inform his audience that they may not like where it's going.

I'm about 550 pages (out of 830, not including the Appendix) into the final volume of the series, aptly titled The Dark Tower. Steady as it goes, but I did want to mention something about one of King's questionable additions to the Dark Tower mythos: the inclusion of Stephen King himself. You see, Stephen King has written himself into the story. Personally, I found this to be a questionable move, but I must admit that I found those chapters that have Stephen King (the character) to be rather well done. I'm still not sure it was the wisest move, but it could certainly have been much worse and I've actually enjoyed some of the nuances that have come about because of that addition. The way in which he references himself, and the part his "character" plays in the story, reminded me of something...

The movie Adaptation is based on an odd recursive concept: The screenwriter, Charlie Kaufman, was hired to write an adaptation of Susan Orlean's novel The Orchid Thief, but he found the task to be quite difficult and could not seem to make any progress. So instead of actually writing the adaptation, he writes a script about how he is having trouble writing the adaptation. The result is a strangely compelling and moving film.

And it struck me that King, himself anxious that he would not be able to complete his beloved Dark Tower series, has instead written a story about how he is having trouble ending the series. Oh, it's not all about him. In fact, his "character" is actually quite a peripheral one, but every mention of his character seems to fit. And to be fair, as King has said, this stuff writes itself. For example, on page 144 of The Dark Tower, Roland's ka-tet discusses the writer:
"If he wrote those things into the story," Eddie said, "it was long after we saw him in 1977."

"Aye," Roland agreed.

"And I don't think he thought them up," Eddie said. "Not really. He's just... I dunno, just a..."

"A bumhug?" Susannah asked, smiling.

"No!" Jake said, sounding a little shocked. "Not that. He's a sender. A telecaster." ...
It must be a little cathartic for King, to be able to use his difficulties in writing the series in such a way, just as Charlie Kaufman was able to channel his frustration into something meaningful. Another quote, from pages 446-447, portrays the author thinking about writing the series:
Going back to the tale of the Tower means swimming in deep water. Maybe drowning there. Yet he suddenly realizes standing here at this crossroads, that if he goes back early he will begin. He won't be able to help himself. ... He'll junk the current story, turn his back on the safety of land, and swim out into that dark water once again. He's done it four times before, but this time he'll have to swim all the way to the other side.
To be honest, I'm not being very fair to King at all. I'm certainly reading a lot into them, but these last few books aren't bad, and I've really enjoyed reading them. I have a feeling that once the series is over, I'll look back on it with a grin on my face. I might even read the whole thing again. But I can't get over the feeling that there was something else, something better, that laid in store for Roland and his quest. It feels like King has lost something with these newer books. They lack the sweeping grandeur of the first four books. It no longer seems to be such an epic quest, but then, I'm not sure such greatness could be sustained. I wonder how I would feel if King never finished the series, just leaving it at book four? In closing, another quote, from page 447:
"Resolution demands sacrifice," King says, and although no one hears but the birds and he has no idea what this means, he is not disturbed.
Posted by Mark on October 17, 2004 at 07:33 PM .: link :.

Sunday, October 10, 2004

Open Security and Full Disclosure
A few weeks ago, I wrote about what the mainstream media could learn from Reflexive documentary filmmaking. Put simply, Reflexive Documentaries achieve a higher degree of objectivity by embracing and acknowledging their own biases and agenda. Ironically, by acknowledging their own subjectivity, these films are more objective and reliable. I felt that the media could learn from such a model. Interestingly enough, such concepts can be applied to wider scenarios concerning information dissemination, particularly security.

Bruce Schneier has often written about such issues, and most of the information that follows is summarized from several of his articles, recent and old. The question with respect to computer security systems is this: Is publishing computer and network or software vulnerability information a good idea, or does it just help attackers?

When such a vulnerability exists, it creates what Schneier calls a Window of Exposure in which the vulnerability can still be exploited. This window exists until the vulnerability is patched and installed. There are five key phases which define the size of the window:
Phase 1 is before the vulnerability is discovered. The vulnerability exists, but no one can exploit it. Phase 2 is after the vulnerability is discovered, but before it is announced. At that point only a few people know about the vulnerability, but no one knows to defend against it. Depending on who knows what, this could either be an enormous risk or no risk at all. During this phase, news about the vulnerability spreads -- either slowly, quickly, or not at all -- depending on who discovered the vulnerability. Of course, multiple people can make the same discovery at different times, so this can get very complicated.

Phase 3 is after the vulnerability is announced. Maybe the announcement is made by the person who discovered the vulnerability in Phase 2, or maybe it is made by someone else who independently discovered the vulnerability later. At that point more people learn about the vulnerability, and the risk increases. In Phase 4, an automatic attack tool to exploit the vulnerability is published. Now the number of people who can exploit the vulnerability grows exponentially. Finally, the vendor issues a patch that closes the vulnerability, starting Phase 5. As people install the patch and re-secure their systems, the risk of exploit shrinks. Some people never install the patch, so there is always some risk. But it decays over time as systems are naturally upgraded.
The goal is to minimize the impact of the vulnerability by reducing the window of exposure (the area under the curve in figure 1). There are two basic approaches: secrecy and full disclosure.

The secrecy approach seeks to reduce the window of exposure by limiting public access to vulnerability information. In a different essay about network outages, Schneier gives a good summary of why secrecy doesn't work well:
The argument that secrecy is good for security is naive, and always worth rebutting. Secrecy is only beneficial to security in limited circumstances, and certainly not with respect to vulnerability or reliability information. Secrets are fragile; once they're lost they're lost forever. Security that relies on secrecy is also fragile; once secrecy is lost there's no way to recover security. Trying to base security on secrecy is just plain bad design.

... Secrecy prevents people from assessing their own risks.
Secrecy may work on paper, but in practice, keeping vulnerabilities secret removes motivation to fix the problem (it is possible that a company could utilize secrecy well, but it is unlikely that all companies would do so and it would be foolish to rely on such competency). The other method of reducing the window of exposure is to disclose all information about the vulnerablity publicly. Full Disclosure, as this method is called, seems counterintuitive, but Schneier explains:
Proponents of secrecy ignore the security value of openness: public scrutiny is the only reliable way to improve security. Before software bugs were routinely published, software companies routinely denied their existence and wouldn't bother fixing them, believing in the security of secrecy.
Ironically, publishing details about vulnerabilities leads to a more secure system. Of course, this isn't perfect. Obviously publishing vulnerabilities constitutes a short term danger, and can sometimes do more harm than good. But the alternative, secrecy, is worse. As Schneier is fond of saying, security is about tradeoffs. As I'm fond of saying, human beings don't so much solve problems as they trade one set of disadvantages for another (with the hope that the new set isn't quite as bad as the old). There is no solution here, only a less disadvantaged system.

This is what makes advocating open security systems like full disclosure difficult. Opponents will always be able to point to its flaws, and secrecy advocates are good at exploiting the intuitive (but not necessarily correct) nature of their systems. Open security systems are just counter-intuitive, and there is a tendency to not want to increase risk in the short term (as things like full disclosure does). Unfortunately, that means that the long term danger increases, as there is less incentive to fix security problems.

By the way, Schneier has started a blog. It appears to be made up of the same content that he normally releases monthly in the Crypto-Gram newsletter, but spread out over time. I think it will be interesting to see if Schneier starts responding to events in a more timely fashion, as that is one of the keys to the success of blogs (and it's something that I'm bad at, unless news breaks on a Sunday).
Posted by Mark on October 10, 2004 at 11:56 AM .: link :.

Sunday, October 03, 2004

Monkey Research Squad Strikes Again
My crack squad of monkey researchers comes through again with a few interesting links:
  • Blogs, Media, and Business Strategy: David Foster draws parallels between business strategy, media bias, and blogs:
    The authors argue that disruptive innovations--those destined to change the structure of an industry--tend to attack from below. They usually first appear in a form that is in some ways inferior to the existing dominant technologies, and hence are unlikely to get the attention or respect of industry incumbents. They provide examples in industries ranging from steel to semiconductors. In steel, for instance, the challenger technology was "mini-mills" using electric arc furnaces to melt scrap. At first, the steel produced in these mills wasn't as good as the steel produced with the incumbent technology, the gigantic integrated steel plants, so they focused on an unglamorous and relatively low-margin market: reinforcing bar (rebar). Big-steel executives could afford to disregard the mini-mills and to focus on higher-end business.

    I would bet that the comments made by some big-steel execs about their mini-mill counterparts were quite similar in tone to the comment recently made by a CBS exec about bloggers in their pajamas.
  • Andy Cline and Jay Manifold announce a new joint venture called 411blog.net, a resource whereby "a symbiotic relationship between blogging and traditional forms of journalism can be deliberately cultivated."
  • Belmont Club has some excellent information regarding how the process of mapping social networks and understanding their properties can be used to take down terrorist networks.
  • Kevin Murphy notes the surprising similarities between musicals and action movies.
Posted by Mark on October 03, 2004 at 02:44 PM .: link :.

« September 2004 | Main | November 2004 »

Where am I?
This page contains entries posted to the Kaedrin Weblog in October 2004.

Inside Weblog
Best Entries
Fake Webcam
email me
Kaedrin Beer Blog

August 2016
July 2016
June 2016
May 2016
April 2016
March 2016
February 2016
January 2016
December 2015
November 2015
October 2015
September 2015
August 2015
July 2015
June 2015
May 2015
April 2015
March 2015
February 2015
January 2015
December 2014
November 2014
October 2014
September 2014
August 2014
July 2014
June 2014
May 2014
April 2014
March 2014
February 2014
January 2014
December 2013
November 2013
October 2013
September 2013
August 2013
July 2013
June 2013
May 2013
April 2013
March 2013
February 2013
January 2013
December 2012
November 2012
October 2012
September 2012
August 2012
July 2012
June 2012
May 2012
April 2012
March 2012
February 2012
January 2012
December 2011
November 2011
October 2011
September 2011
August 2011
July 2011
June 2011
May 2011
April 2011
March 2011
February 2011
January 2011
December 2010
November 2010
October 2010
September 2010
August 2010
July 2010
June 2010
May 2010
April 2010
March 2010
February 2010
January 2010
December 2009
November 2009
October 2009
September 2009
August 2009
July 2009
June 2009
May 2009
April 2009
March 2009
February 2009
January 2009
December 2008
November 2008
October 2008
September 2008
August 2008
July 2008
June 2008
May 2008
April 2008
March 2008
February 2008
January 2008
December 2007
November 2007
October 2007
September 2007
August 2007
July 2007
June 2007
May 2007
April 2007
March 2007
February 2007
January 2007
December 2006
November 2006
October 2006
September 2006
August 2006
July 2006
June 2006
May 2006
April 2006
March 2006
February 2006
January 2006
December 2005
November 2005
October 2005
September 2005
August 2005
July 2005
June 2005
May 2005
April 2005
March 2005
February 2005
January 2005
December 2004
November 2004
October 2004
September 2004
August 2004
July 2004
June 2004
May 2004
April 2004
March 2004
February 2004
January 2004
December 2003
November 2003
October 2003
September 2003
August 2003
July 2003
June 2003
May 2003
April 2003
March 2003
February 2003
January 2003
December 2002
November 2002
October 2002
September 2002
August 2002
July 2002
May 2002
April 2002
March 2002
February 2002
January 2002
December 2001
November 2001
October 2001
September 2001
August 2001
July 2001
June 2001
May 2001
April 2001
March 2001
February 2001
January 2001
December 2000
November 2000
October 2000
September 2000
August 2000
July 2000

12 Days of Christmas
2006 Movie Awards
2007 Movie Awards
2008 Movie Awards
2009 Movie Awards
2010 Movie Awards
2011 Fantastic Fest
2011 Movie Awards
2012 Movie Awards
2013 Movie Awards
2014 Movie Awards
2015 Movie Awards
6 Weeks of Halloween
Arts & Letters
Atari 2600
Best Entries
Book Queue
Comic Books
Commodore 64
Computers & Internet
Disgruntled, Freakish Reflections
Harry Potter
Hugo Awards
Link Dump
Neal Stephenson
Philadelphia Film Festival 2006
Philadelphia Film Festival 2008
Philadelphia Film Festival 2009
Philadelphia Film Festival 2010
Science & Technology
Science Fiction
Security & Intelligence
The Dark Tower
Video Games
Weird Book of the Week
Weird Movie of the Week
Green Flag

Copyright © 1999 - 2012 by Mark Ciocco.