George W. Bush names Jesus as the philosopher he admires the most. The most central of the teachings of Jesus can be found in the Sermon on the Mount.

I have come upong Bush's edited version of the sermon, amended to make the dictates of his Saviour easier to follow in these modern times.

Enjoy here in the Sermon on the Mount (George Bush Version)

During the 1990s, the US Government made a major effort to block the deployment of encryption by banning its export. We won that fight, but during the formative years of most internet protocols, they made it hard to add good authentication and privacy to internet tools. They forced vendors to jump through hoops, made users download special "encryption packs" and made encryption the exception rather than the norm in online work.

This, combined with bad design decisions made even without the help of the government, has caused some of the security windows that are bugging people today.

A recent issue is DNS poisoning, getting known by the name of pharming. The scammers send fake DNS answers in advance to buggy DNS servers running on MS Windows Service pack 2 or earlier, or very old *nix copies of bind. They tell the server that www.yourbank.com should really go to their address with a fake version of the site.

Now of course we should have made DNS reliable and secure to stop this, or at least done the very basic things found in the most up to date DNS servers, but even so, this attack should not have been enough.

That's because SSL certificates were supposed to assure that you were really talking to yourbank.com when the browswer said it was, even if somebody hijacked the connection like this. And they will. The phisher can't pretend to be yourbank.com with the little "lock" icon on the status bar of your browswer set to locked. But they can pretend it when the icon says unlocked.

And surprise, surprise, people forget to look at the icon. A lot. They turn off the warnings about transitions to insecure pages because they go off all the time, and nobody pays attention to an alarm that's always going off. Encryption and SSL are rare, special things limited to login screens. We tolerate all the rest of life being unencrypted and in the clear -- and vulnerable, just like the USDoJ wanted it.  read more »

When people watch TV with a hard disk video recorder, they always watch the show delayed, often by hours or many days. They all watch it at a different time.

It occurs to me it would be amusing to generate a system to allow the collaborative annotation of TV programs and DVD movies using the net, and DVRs like the open source MythTV, which would be a natural initial platform. Users watching a show would be able to make comments at various points in it. Either text comments, along the lines of "Pop-up Video" or even voice comments and jokes, along the lines of "Mystery Science Theatre 3000."

And indeed, people already do this real time. Just about every popular show generates a chat-room for people who watch it live near a computer. However, these are usually quite inane as they are done in real time with no filtering.

Thanks to delayed watching, we could change that. Each suggested annotation would be uploaded quickly to a server handling the particular TV show or movie. This would come with a pseudonym for the author, which would be tied to a reputation. All annotations would be sent out for viewing by a limited audience. For low-reputation contributors, a very limited audience. If that audience hits an "approve" button on their remote when they see the annotation, it would improve the score, and more and more early watchers would get to see and approve/disaprove of the annotation.

Eventually things would build up and you would have a series of highly approved comments for those who want to see a show with comments. I expect most comments would be jokes, but some would also be pointers to useful information or reasoned criticism. Authors might indicate what their goal is so that viewers could tune what sort of annotations they want to see. Viewers could also tune a threshold for how good the annotations have to be to see them.

Authors would indicate if their pop-up should show in a particular place on the screen (so that. like pop-up video, it doesn't block things.) Some viewers, especially those with big screen TVs, would shrink the image and redirect pop-ups outside the show.

However, there are some interesting problems to solve...  read more »

Dear [[blog-reader's name]]:

When it first started arising, in the 60s and 70s, everybody thought it was so cute and clever that computers could call us by name. Some programs even started by asking for your name, only to print "Hi, Bob!" to seem friendly in some way.

And of course a million companies were sold mailing list management tools to print form letters, filling in the name of the recipient and other attributes in varous places to make the letter seem personal. And again, it was cute in its way.

But not any more. We've all figured it out. Nobody says, "Wow, this letter has 'Dear Brad' in it, it must have been written personally for me." Nobody is fooled any more. In fact, the reverse is now true. It's bordering on offensive. If an E-mail starts with "Dear Brad" it is more likely than not to be spam.

Sometimes though, I get form letters from real companies I deal with, and they still like to put my name in it, like they used to on paper. As you probably know, in E-mail today, you don't put in salutations any more unless it's a mail to a stranger.

So let's get the word out. Stop it. No more form letters where the computer oh-so-cleverly manages to fill in a field with our name. (Unless it's amusing, and they are writing to "Dear Mr. Association") If it's legitimate bulk mail, don't try to pretend you're not bulk mail. That's what spammers do. Be honest that you're bulk mail.

If you have actual relevant data to fill in, fill it in, but put it in a table so I can skip the form letter garbage and get to the actual data about me you're trying to tell me. Put my name at the top in a nice computer-style box, "Prepared for: Brad Templeton."

Leave the use of my name to people writing messages for me. You're not fooling anybody.

Yours truly,
[[Insert name here]]

It seems that whenever you have a popular event, notably concerts in smaller venues and certain plays, the venue sells out their tickets quickly, and then ticket speculators leap in and sell the tickets at high margins. Ticket speculating (aka scalping) is legal in some areas and illegal in others. I don't think it should be illegal, but I wonder why the venues and performers tolerate so much of the revenue going to the speculators.

Or am I wrong, and this is not happening? Is it the case that often the speculators miscalculate and lose money so they only make a modest income? It doesn't seem that way to me. Now, there are many ticket brokers with large web presences (including some who sponsor my joke site) and tickets are commonly auctioned on eBay.

So why don't the venues or ticket companies create their own auction sites to auction tickets, with some fair system like a dutch auction, and keep all the money from high-demand events for themselves? Is it simply because this seems elitist and they feel it will annoy fans?

Currently, fans are annoyed because speculators scoop up tickets to high-demand events as soon as sales open, and such events sell out quickly, before actual fans can get them. That seems far worse to me. An auction system would actually allow lesser tickets to sell for less money and generate the same revenue for the event.

This seems so obvious, why isn't it taking place? Is it simply inertia, or a fear of requiring computer access in order to get tickets? While just about anybody can get computer access these days, dutch auctions can be done by phone if you trust the 3rd party managing the auction. Call in once, set your maximum bid for the various ticket classes you will accept, then find out the resulting price later. People at computers would have a small advantage, but not that much. The venue could set a floor/reserve price if they don't want to cheapen the value of their product.

Or is this a business opportunity for some company (or for Ticketmaster?)  read more »

Linux distributions with package managers like apt, promise an easy world of installing lots of great software. But they've fallen down in one respect here. There are thousands of packages for the major distributions (I run 3 of them, debian, Fedora Core and Gentoo) but most packages depend on several other packages.

The developers and packagers tend to run recent, even bleeding-edge versions of their systems. So when they package, the software claims it depends on very recent versions of other programs, even if it doesn't. This is not surprising -- testing on lots of old systems is drudgework nobody relishes doing.

So when you see a new software package you want, the ideal is you can just grab it with apt-get or yum. The reality is you can only do this if you're running a highly up-to-date system. Debian has become the worst offender. Debian's "Stable" distribution is several years old now. To run debian reasonably, even to just be able to upgrade to fix bugs in software you use, you have to run the testing distribution, and most probably the unstable one. I run the unstable, and it's more stable than the name implies, but ordinary users should not be expected to run an unstable distribution.

To get new software, you are often forced to upgrade, sometimes your whole OS. And that's free to do and often it works, but you can't depend on it. More than once I have lost a day of uptime to major upgrade efforts.

Let's contrast that with Windows. The vast majority of Windows programs will install, in their latest version, on 7 year old Windows 98, and almost all will install on 5 year old Windows 2000. This is partly because Windows has fewer milestones to test to, but also because coders know that it's quite a hurdle to insist users pay money to upgrade Windows. (And Windows upgrades are even more of a pain than linux ones.)

The linux approach ends up forcing the user to choose between the risky course of constant incremental upgrades, taking occasional random plunges into major upgrades, or simply not being able to run interesting new software or the latest versions and fixes of older software.

That's a failure. Non-guru users are not able to deal with any of those choices.

Testing with every different version of every dependent package (and every kernel) is not going to happen, but it would be nice if packagers worked hard to figure out what versions of dependencies they really need, even if they don't test it enough. Packages might say, "I was tested with 2.1, I probaby work with 1.0 though." Then wait for test reports and possibly report being tested with earlier and earlier dependencies.

This doesn't mean that sometimes you won't truly need the latest version of a dependency, and shouldn't say so. But it sure would make it easier for the ordinary user to particpate in linux if this was the exception, not the rule.

In this article about a wall-building robot we see another step towards automatic construction, moving the 3-D printer concept onto the grand scale. This is very interesting and could be expanded quite a bit. It notes that arms could add texture to ceramic walls, but I would go further.

Why not create a texturing head which consists of strong metal pins on high-speed servos. You could drag this over the surface of maleable material, moving the servos back and forth under computer control line raster lines. This would allow the generation of any digital image in 3-D on the wall to a limited amount of depth.

You could do simple things like textures, or pleasing graphics of plants or nice patterns, but sculptors could also generate interesting forms of art for people to place in 3-D on their walls.

This could also be done on modern drywall. A set of rails could be mounted on a wall. A robot would run on the rails, first applying stucco, then when it is at the right consistency, run the "print head" to place patterns or sculpture into the stucco.

You might be able to do full 3-D printing though I see that as harder to do on a vertical surface, by having a "stucco-jet" with various coloured ceramics in the pipes, and individually controlled pumps to push out the right material at the right time, possibly for further shaping by the servo-pins, though I suspect they would be better with monocolour.

Earlier I reported on Peerflix, which is implementing a P2P DVD sharing system with similarities to some of my own ideas. I have tried it out a bit now, and learned a bit more. I also have updated experiences with Peerflix.

The web site is marked beta and still very buggy, which is bad, but my first try on the service was first-rate. I mailed off my first DVD, Eternal Sunshine of the Spotless Mind, on Wednesday to somebody in San Jose (who almost surely got it today) and got the replacement for it — by strange coincidence another memory-related movie called Memento in the mail today. That is faster than most of the services, though people like Netflix could be this fast if they decided to take the same step and trust you when you said you mailed a disk, rather than waiting for it to arrive.

All this is good, but there’s still a killer flaw in the idea of actually selling the DVDs. All DVDs will have a limited lifetime of high-demand. As demand drops below supply, somebody holding the DVD at that time will get “stuck” with it, though you can fix that by being fast on the draw in agreeing to be the one to mail any new requesters that do come along.  read more »

Perhaps this is one of those ideas that some car has implemented and I haven't yet seen it. As many people know, in several years ago a number of cars arranged so that their interior lights would not go off immediately when you closed up the car. This gives you the ability to still see shortly after closing up the car and walking away.

Of course this also drives people nuts, because in many cases you can't tell if the lights stayed on because you didn't close a door properly, and you would end up waiting around to see if they would go off.

Some cars fixed this by having the light fade out, but that's still pretty slow and of course elminates the light you were hoping for.

I would suggest that cars develop some more overt signal, to be triggered immediately when the car has decided that all doors are closed and the car is off, and the lights will be going off in 20 seconds. Such as a quick blink pattern when you close the door, or a flash of the headlights, or a quiet sound or bright internal LED.

Seeing this blink pattern, you would be 100% confident the car is closed and you haven't left the lights on, and could walk away, lit for a few seconds like you want.