Extra Pepperoni

I use Handbrake to rip DVDs for my iPhone and Apple TV (and previously for my Treo 650, at much lower quality). It’s excellent, but takes a long time, and slows down the whole system while compressing. My PowerBook G4 wasn’t powerful enough to do H.264 compression in reasonable time, so I got into the habit of ripping the DVDs on the Mac with Mac The Ripper, copying them to the server, converting on the server, and copying back down to the iPhone through iTunes on the laptop. Transferring a full DVD via gigabit Ethernet takes under 10 minutes, which is why we have 3 1/2 gigabit Ethernet switches (8-port, a pair of 5-ports, and the 3 ports built into the Time Capsule) in a 3 1/2 person (2 grown-ups, a 5-year-old, and the cat) home.

Since then I’ve upgraded the laptop and replaced the server, so they’re now both 2.4GHz Core Duos, but I still prefer to avoid the load on my personal machine — especially now that we have an Apple TV, which likes large high-quality video files. The MacBook Pro runs HandBrake.app (Mac GUI), while the server runs HandBrakeCLI (Linux).

HandBrakeCLI is designed to convert individual files and is awkward for converting whole DVDs. Fortunately I found MediaForkCLI-batch.sh, a wrapper which is good at converting all the real titles from one or more DVDs; it automatically ignores short titles such as previews, and titles that have already been transcoded. Unfortunately MediaForkCLI-batch.sh is languishing, and hasn’t been updated for HandBrake v0.92, but it was straightforward to update it to the new syntax.

In the process I made some changes and added an alternate version with different settings optimized for our Apple TV. On the Linux box (named inspector), the scripts are ~/bin/appletv.sh & ~/bin/iphone.sh. I put newly ripped files into ~/tivo-inspector/input/ on inspector, and these scripts rip whatever they find there, generating files in ~/tivo-inspector/output/.

On the MacBook Pro, I keep video files in ~/tivo, and ~/tivo/tivo-inspector is a symbolic link to tivo-inspector on inspector, the server — mounted via AFP. This makes it easy to move files back and forth.

For convenience, I have a couple aliases on the MacBook Pro which log into the Linux machine, start a screen session, and run the appropriate script. This means that if I disconnect the laptop, I can later ssh back into the server and use screen -DR to reconnect to my running conversion session. When the conversion is done, the aliases open the remote folder in the Finder. I move the files back up out of input & output, drop them onto iTunes, and then either Sync the Apple TV (which gets copies of my whole iTunes Library), or sync them to the iPhone.

The scripts are appletv.sh & iphone.sh.

If you use these scripts, you should carefully review the encoding settings. In particular, I encode Apple TV audio to AAC stereo, because our Apple TV is connected to a pair of stereo speakers with a subwoofer; they cannot handle Dolby Pro Logic, which is better for most TVs.

You will also have to update paths in the scripts — to the input and output directories, and to HandBrakeCLI itself — to make them work on your own system.

Here are the aliases in sh/bash format; change the equal signs to spaces for csh/tcsh:

alias appletv="ssh -t inspectore time screen bin/appletv.sh; open ~/tivo/tivo-inspector"
alias  iphone="ssh -t inspectore time screen bin/iphone.sh;  open ~/tivo/tivo-inspector"

Our (cheap) 23″ LCD TV’s composite input gives lousy color. On the other hand, we’ve gotten loud buzzing noises a few times from its HDMI input, so we had our Time Warner (Scientific Atlanta) HD DVR connected to the composite inputs, and dealt with the lousy color and poor brightness. We also paid an additional $20.10/month for the second cable connection and DVR (Time Warner charges $9.95/month more for either HD or non-HD DVR than for a non-DVR cable box [HD or non-HD]). Now I wonder if the problem was with the DVR’s HDMI output all along. Oh, well — it no longer matters.

We do still pay $66.19/month for digital cable service upstairs. This lets Julia watch a couple kids’ shows a day, and Annette & Amy check the Weather Channel. Our (pre-paid) TiVo also records the shows we like, so we can watch upstairs, but we generally watch downstairs. Neither of us knows if we’ll watch more upstairs, or pay a few dollars a month to watch downstairs. It’s an experiment.

Since we watch most of our “TV” from (ripped) DVDs, and our Time Warner signal is very unreliable, and their service is lousy, I returned the DVR on Saturday. That $20.10/month should pay for a Netflix upgrade and/or several shows from the iTunes Store (no longer the “iTunes Music Store”, I noticed — I wondered how long that would take, but missed the actual switch).

Good candidates for iTunes ducats — (certain to total less the $241.20/year we’d been paying for the downstairs DVR):

• $10: 16 consecutive episodes (4 weeks) of The Daily Show ($2/ea) — we watch it infrequently these days.
• $20: a season of South Park.
• $26: a Torchwood season.
• Doctor Who isn’t available from iTunes, but we can watch it in VLC or upstairs, on cable.
• free: Battlestar Galactica (on cable, upstairs)
• free: The Sarah Jane Adventures (upstairs)
• free: Robot Chicken (downloaded and watched on a laptop)

The TiVo S2 has a built-in web server, and I use tivodecode to extract MPEG video, but it won’t play in QuickTime Player. They do play in the redoubtable VLC, but it’s not quite as polished. This is not presently annoying enough to justify purchase of Toast, which can convert .TiVo files for QuickTime or iPhone, but I am not sure if DRM would be a problem; they don’t provide any detail.

We haven’t yet purchased anything through (or for) the Apple TV yet — perhaps this week we’ll try it.

Outlook’s default behavior is to sort new messages to the top of mailbox windows. I prefer new messages at the bottom, but have noticed that when I start reading mail, threads with new messages appear at the top. So I tried reading mail the way Outlook wants me to, but it still sorted newer messages within each thread (”Conversation”) to the bottom of the group, and deleting messages still moved down (to an earlier message in this arrangement). Since it doesn’t work right either way, I might as well do it the way I’m used to: newest at bottom (as of the time I first display or last Refresh the mailbox; the newest stuff still floats to the top, which I cannot prevent).

Sometimes when I delete messages, Outlook selects the next message down (which is correct, given that I view messages in ascending date order). Other times it selects the top message in the mailbox, which is only the right thing to do if it’s the last message in the mailbox. This inconsistent behavior may be connected to whether any off-screen messages are selected, but that shouldn’t matter. I shouldn’t have to wonder where the selection will go, or try not to select messages across more than one screenful at a time, or rush through selecting and deleting mail or collapsing threads, for fear of a new message coming in, removing my selection, and selecting, previewing, and (almost) marking one of those messages read, before I had a chance to delete, mark, or collapse it. This means that if client-side filters are active, the user must wait after launching Outlook, until it’s finished filing messages into the current mailbox, as new messages will constantly disrupt the selection until Outlook is finished running client-side filters. Even if Outlook has been running a while, it’s easy to select a few messages for processing, be interrupted by new mail, deal with whatever was previewed and start selecting again, be interrupted again, and have to deal with the second undesired selection/preview before attempting to return to manual selection for managing email. Amazingly frustrating, and a great way to “lose” unread mail.

With a multi-monitor setup, the best way to use Outlook is with the mailbox filling one display and the attached preview pane covering most of another display. Unfortunately, as I select different mailboxes, the preview turns off. Each mailbox has its own preview state, which is important because I generally only read messages (via preview) in my “fresh” search pseudo-mailbox. In other mailboxes, clicking a messages shouldn’t mark it read, so preview is a bad thing everywhere except in “fresh” (and often in “fresh”, as well!); unfortunately, viewing messages in their own windows is prohibitively slow. The very confusing thing is that sometimes Outlook spontaneously turns off the preview and shrinks the mailbox to its size excluding the preview. This leaves the mailbox covering one display but not extending onto the next; it looks maximized, but isn’t actually in the maximized state. When I switch back a mailbox with preview on (”fresh”), it reappears one character wide, rather than covering most of the secondary display as before. Very aggravating — I think the workaround will be that I must use one window for my “fresh” filter (with preview), and another for other mailboxes (no preview). Hopefully I can escape more bites from these two bugs.

In Outlook, it’s impossible to mark a message (un-)read from the message window, or even to determine directly what mailbox it’s in. I find myself searching across all mailboxes by title and refining by date (which I can see in the message window) to find out it message is, so I can mark it unread for later attention. It’s also impossible to open a message in a new window from the reading pane; the workaround is to Shift-Tab back into the mailbox window and then hit Enter to open a new message window from there.

I often want to delete a collapsed thread (”Conversation”). Outlook insists on expanding it first, which wastes time and often results in unread messages appearing and then being deleted — disconcerting, as it gives the impression I’m losing important (unread) mail. Worse, Outlook cannot mark a thread unread without expanding it, which moves the selection into the thread and marks that one or two messages read when deselected (unless the selection lasts a second or less, as I have set Outlook to mark messages read after a second, because I cannot eliminate the delay, and above one second it doesn’t automatically mark short messages which I read quickly as read; I have to go back and mark them read manually later). If I have just read a new message in threaded mode, and want to mark it unread, I have to either hit Control-Q to mark it read or move to another message and back (assuming I’ve had the current message previewed for at least a second), mark it unread (Control-U), then hit left-arrow to collapse the thread.

Worse is when I want to mark a whole thread unread (more common). Then I have to collapse the thread to implicitly select the whole thing (switching to and from the mouse slows me down, and I get too much mail to be inefficient in dealing with it); hit Control-U to mark the whole thread read (implicitly expanding it), then hit left-arrow within a second to collapse it again before Outlook decides I’ve read a message in preview.

When I delete a message, Outlook immediately selects (and previews, in “fresh”) another message. When I’m reading mail, this is generally what I want, so I can deal with the next message. When I’m trying to delete or file mail, it means Outlook automatically starts the process of dealing with another next message, and unless I’m very quick marks it pseudo-read (as soon as I deselect), so I must decide what to do about the new selection. This makes it harder to stop reading mail in the current mailbox, as every time I complete an action, Outlook picks the “next” message and engages me in dealing with it; stopping without losing unread status on a message I haven’t actually read yet requires contortions. When I know I’m about to stop, I tend to deal with a message or thread and then hit Control-up-arrow to jump to the top of the mailbox, which should be the first message I read (so already marked read), but is often a new message that’s come in recently; I then have to decide on and handle that before I can move on to another mailbox or activity.

Normally, when a thread (”Conversation”) is collapsed, Outlook deselects its messages. Sometimes (unpredictably) it still shows the preview for a hidden message, which breaks the Control-Q Control-U left-arrow dance, and I have to instead hit Control-Q Control-U left-arrow up-arrow to get a collapsed unread thread.

F5 (Refresh) doesn’t clear collapsed conversations; this is annoying. On the other hand, sometimes messages disappear immediately upon being marked read, which means I don’t even get a chance to mark them unread; they’re effectively just gone. I have no idea what triggers the second problem; fortunately it’s rare, as it tends to result in losing mail — often mail I was saving for later attention.

Control-Q marks individual messages read, but cannot be used on whole mailboxes (with the selection in the left-side mailbox column). There’s no good reason for this, as marking whole mailboxes read is a common function, and in the pop-up menu, it just doesn’t have the obvious keyboard shortcut.

Outlook cannot select multiple mailboxes at one time, which is ungood; on the other hand, it makes an effort to be helpful — when I select a mailbox, it kinda-sorta move the selection into the message list (which is pretty reliably what the user really wants, since you can’t do much with mailboxes except delete or move them). It’s all a bit confusing.

If I have a message which has been previewed for over a second, I know it’s effectively read (it will be marked as such as soon as I deselect it, unless I drag it into another mailbox first). It would be good if I could use Control-U to tell Outlook not to mark this message read as soon as it gets deselected, but instead I have to mark it read, then mark it unread, and then move away within a second — before the preview timer marks it mostly-read again.

We got an Apple TV this week, and it’s excellent, although I tripped over some serious network problems (more Mac problems than Apple TV problems, actually).

Compared to our TiVo (upstairs) or our Time Warner Scientific Atlanta HD DVR, the Apple TV is surpringly advanced. The SA box keeps losing signal (probably TWC’s wiring at fault, but they keep not fixing it), and is much larger (and noisier) than the Apple TV; basically it’s a piece of junk, but it’s substantially cheaper than another TiVo. We’ll probably get rid of this DVR and our downstairs cable connection in favor of the Apple TV very soon.

Comparing the Apple TV to the TiVo is more interesting, not least because people have been comparing the two companies for years, and keep demanding that Apple build a TiVo killer (both before and after the Apple TV release). Given how badly cable companies stink, it’s hard to believe Apple should embroil themselves in this mess, but they seem to be doing okay with the iPhone, and phone companies aren’t much better than cable companies. People also want Apple TVs to play DVDs, which is an obvious feature, but would be less profitable for Apple than iTunes Store rentals and purchases. But back to the comparisons.

The SA DVR has exactly one advantage over the TiVo (aside from price): its “Ouija board” — when you need to “type” with a very limited keyboard, the TiVo makes it possible but not easy. The SA box improves the experience dimming (and skipping over) invalid letters (which would spell words that don’t match the list of available shows). The Apple TV, interestingly, has an unimpressive on-screen keyboard and a very limited remote (it’s the same one Macs ship with, meaning 6 buttons: 4 directions, play/pause, and menu/back). But it’s easier to use, because the Apple TV doesn’t lag behind user input as much (it doesn’t have to match input against all possible titles, remember), and tactile response is very good; I only made one typo when entering usernames of several friends, and it was easy to correct, even though Delete is an onscreen selection (no Clear key, as on the TiVo remote).

This brings us to another interesting comparison: the SA box has Internet connectivity (I think it’s channel 996 that shows the current IP), but doesn’t use it for anything except the electronic program guide and purchasing pay-per-view (which we don’t do). The TiVo adds TiVo-to-TiVo transfers of shows (we only have one, so haven’t tried it), scheduling via http://www.tivo.com/tco/, an unsupported web server which allows downloading encrypted/watermarked television shows, and the ability to run applications from a server (either at home or across the Internet). Applications allow you to play music or slide shows from a Mac or Windows PC, or slide shows (from your Picasa or Yahoo Pictures account — but not Flickr, even though Yahoo owns Flickr!). Unfortunately, you cannot combine these applications, so it’s impossible to listen to music while watching a slide show on the TiVo. TiVo has apparently dropped support for third-party development.

The Apple TV, on the other hand, does this all much better. Out of the box, it comes with a set of high-quality flower photos, which run as a slide show when idle. Music can be a) played from the Apple TV’s hard drive, b) streamed from iTunes on a Mac or PC (controlled from the Apple TV), or c) streamed from within iTunes in AirTunes+ mode — iTunes sends audio and ID3-style metadata including cover art over the network to the Apple TV. In any of these modes, track information is displayed onscreen, and if the Apple TV is left idle, the it starts showing a slide show (ours is photos of Julia, of course); this doesn’t interfere with music playback at all.

Compared to TiVo’s lousy support for Yahoo Photos (!?!) and Picasa (they want you to create your own account and log into it before downloading any photos), the Apple TV supports Flickr and .Mac photos, as well as the owner’s own via iTunes, of course. There is a clear hierarchy of user experience here: no support on SA/TWC; poor slide shows or mediocre media streaming on TiVo; high-quality music and photos on the Apple TV, pre-loaded with nice photos for a superior out-of-box experience.

One of the few things I regret about the Apple TV is that I bought it from Apple; I didn’t get an educational or corporate discount, so I could have gotten it faster for $15 less from Amazon (via Prime), but when I tried to cancel the order at store.apple.com it had already gone through (less than 5 minutes after pressing Submit). This should be the worst problem I have with the new gadget!

Unfortunately, it wasn’t. The Apple TV would not synchronize content from iTunes; I was able to play music through it (AirTunes), but it mostly refused to show up in iTunes’ DEVICES list. I got a warning about port 3689 possibly being blocked by a firewall, which I initially ignored, knowing I had specifically allowed iTunes to connect through Leopard’s “socket firewall”.

pepper@prowler:~$ grep 3689 /etc/services 
daap            3689/udp    # Digital Audio Access Protocol
daap            3689/tcp    # Digital Audio Access Protocol

The second time I got this message, with iTunes’ Preferences claiming the Apple TV was synching even while it wasn’t fully accessible, I did some searching, and found out that indeed several people needed to open up the socket firewall before Apple TV synching would work. I did this, and lo and behold, our Apple TV now has the proper 12gb of video, 51gb of audio, and 3gb of photos it should. It’s bad that iTunes wasn’t properly whitelisted in the firewall, but it’s much worse that people need to turn off a security feature to make the Apple TV work. Fortunately, after I switched the firewall back to “Set access for specific services and applications” (where it should be), the Apple TV continued to appear and synch properly; bug filed with Apple.

That brings up another bug: we have a Gigabit Ethernet network (3.5 switches — 8-port, a couple 5-port, and the 3-port built into our Time Capsule) and an 802.11n network, but unfortunately the wireless doesn’t work right. At 5GHz, I keep losing my connection; at 2.4GHz it stays up everywhere except the guest room (which has no Ethernet), but speeds throughout the apartment are poor and connectivity is less reliable than our 802.11g Airport Extreme network. Since I haven’t fixed this yet, I much prefer to do large transfers over the wired network.

The Apple TV connects to a running copy of iTunes to download content; in my case, most of the connections (once I got past the firewall issue) were to the AirPort IP address, which prevented them from making progress on the 65gb transfer. I had to disable AirPort to force the Apple TV over to the Ethernet connection, which was much faster; after it was done I re-enabled AirPort, but that’s another bug (also reported, and yes, I do have System Preferences set to prefer Ethernet to AirPort).

I’ve been reading The Register for years. The biggest draw for me is that their idea of what’s interesting matches my own pretty closely, so the relevance is very high, and I don’t know any other sites/publications that provide timely coverage in roughly the same space.

Unfortunately, they’re clowns. They obviously don’t edit, and don’t fix obvious mistakes when pointed out. For a while they had opposing columnists, one claiming Intel was crushing AMD and another claiming AMD was crushing Intel — posting supposedly authoritative articles on the same days. My interpretation was that The Register doesn’t care whether they print stuff that’s flat wrong (obviously at least one of those columnists was, even if they were both personally convinced it was the other guy), so long as it draws traffic. This is one thing if labeled as editorial, but they’re not that sophisticated.

Their articles are confused or simply wrong often enough that a couple friends refuse to read anything they publish. I prefer the current facts enough that I am willing to overlook the absurd editorial.

They use FeedBurner, and downloading their articles over EDGE on the iPhone is slow. To aggravate matters, their CSS is screwed up; I have to wait for the page to download, then it resizes, then it pauses and downloads some more, then it reflows. It can take over a minute to get a readable article. The AV Club is even slower to download and reflow, which is one reason I read it less.

But recently The Register has started doing full-page ads before the articles. This is aggravating on a desktop, but completely unacceptable on an iPhone. I’ve removed their feed from NetNewsWire/NewsGator.

Half because WordPress really needs to stay upgraded, and half in hopes of fixing the Admin-SSL bug which was blocking posting, I upgraded to WordPress 2.5, a compatible beta of Admin-SSL (now under new management), and a few other plug-ins.

Not knowing how well the upgrade would go, I did the safe thing — I installed WP 2.5 separately from the live Extra Pepperoni site, installed and configured all the plugins I use (with my personal patches), created a new MySQL database, and configured everything, including a couple test comments (not as myself). After I got it working, I brought down the old site, moved the new one in place, reconnected it to the old MySQL DB (with all posts and comments), clicked the button to upgrade, and we’re up.

Unfortunately, there’s still a problem with comments. When I log into a new account to comment, I get a link to https://secure.reppep.com/wp-admin/profile.php, which is bogus; it needs to be https://secure.reppep.com/ep/wp-admin/profile.php. If you have an existing account (Tony), you might be able to login through https://secure.reppep.com/ep/wp-admin/ and comment, but it seems that viewing an actual post (which must be non-SSL) still loses its association with the login session, so you can visit the HTTP site as an anonymous user, or use the HTTPS site as your registered user, but the plaintext side has no access to comment, and the encrypted side doesn’t show the posts you would want to comment on. Hopefully BCG will be able to fix the problem in Admin-SSL. He’s already fixed the Preview function.

Also freaky: When I log into EP as a brand-new user (to comment), I get the Dashboard, telling me I (the brand-new user) have 184 posts. I didn’t think Subscriber users saw the Dashboard, but the post count is definitely bogus.

I did the initial installation as a Subversion checkout, which is very cool. Now, though, I have to create my own private WP hacks repos (easy), and figure out how to set up externals to pick up my additions.

A tip: Don’t try to check out the WordPress source over AFP; the permissions weren’t right, and the checkout couldn’t complete; when I did it locally on the Linux server, there was no problem. I hadn’t even noticed I was running “svn co” on the Mac instead of the server, but it was easy to fix once I noticed the cause.

I found a couple pages of Outlook keyboard shortcuts (the online help lists shortcuts too):

• http://www.hongkiat.com/blog/80-keyboard-shortcuts-for-microsoft-outlook/
• http://www.rnib.org.uk/xpedio/groups/public/documents/PublicWebsite/public_rnib003594.hcsp

Many of these are standard Windows shortcuts, but a few are useful and news to me.

Eudora stopped working on my home MBP recently, so I’m back to Thunderbird, and it strikes me how similar Thunderbird is to Outlook, even extending to some misfeatures (design flaws, not quite bugs), such as over-using the Esc key. Compared to Eudora, pine, and Apple Mail, Thunderbird is clearly much closer to Outlook. A few things are notable improvements, such as being able to mark messages Read and Unread with the M key, instead of Ctl-Q/Ctl-U, or S to flag messages (stored as an IMAP tag; this shows up in Eudora as Label 15). And with a mailbox selected, Ctl-Q doesn’t mark all its unread messages read, which it should.

In both Outlook and Thunderbird, Esc closes message windows; this is inconsistent with all other full windows, which are closed with Command-W, and makes messages feel particularly ephemeral. In Outlook, when I open a received message and hit the Space bar to scroll to the next page (which works in every other email client and browser I know), it instead inserts spaces at the beginning of the received message, which if course is not what I want.

I cannot find a good way to sort threads by date; I’d like every thread (perhaps every thread with new messages) grouped together, with the messages in each thread sorted internally by date, and the threads sorted by date (typically of the first message). In Outlook I can group “Conversations” by Subject: or group by From: line, but new messages keep showing up at the top of the mailbox, instead of the bottom (where they should sort, by date).

I have figured out more what’s wrong with Refresh. First, I have to hit F5 repeatedly to make Outlook clear more and more read messages from unread-only views; second, collapsed conversations are not cleared; I have to expand them out and then hit F5 again. This is particularly annoying because Outlook has such a strong tendency to always keep one message selected and thus read (although it’s not marked read, so I cannot simply mark it unread; I have to mark it read, then mark it unread, and then make sure Outlook doesn’t preview it again), so it’s quite difficult to reorganize a mailbox and get to a “clean” view (only new messages/threads) without losing some messages which Outlook insisted on selecting/previewing/marking read while rearranging.

And a little attention (not “love”) for IE: I still hit Ctl-L to select the URL for copying, and IE7 still fails to do it, bringing up a blank URL entry dialog, instead of selecting the URL in the current window as Safari & Firefox do. I shouldn’t need the mouse to copy the current URL.

Our original TiVo (hacked with web & FTP servers, 100mbps Ethernet, and 120gb hard drive) started showing a scrambled image; this has happened three times in the past, each time requiring drive replacement. The process is sufficiently awkward that when I put in the current 120gb drive, I decided to replace the TiVo entirely next time, rather than the drive — with a MythTV or something else.

After TiVo’s current promo, a TiVo Series 2 Dual Tuner (80gb) cost $80, which is entirely reasonable. I’ve been watching mostly ripped DVDs on the iPhone lately, so I was less worried about the fact that S2 and later TiVos encrypt the media files on disk, and were significantly harder to hack.

After installing the new TiVo, we discovered the problem is actually our Time Warner Cable signal again. They’re supposed to be here this week, and hopefully will be able to fix our problem, although we don’t have much confidence. They scramble the analog signal, thus breaking the new TiVo’s signature feature (dual tuners — the second one supports unencrypted analog cable, if we had it).

As it turns out, the new TiVo is a bit faster and much easier to download from; and onscreen UI is more capable and prettier. Unfortunately, it’s also crowded with junk (unwanted features) we cannot remove, but they’re easy enough to skip over and don’t impact the normal TV-watching experience. I’ve downloaded and watched a bunch of music videos, which is nice since MTV doesn’t show music videos any more.

Oh, and getting MPEGs out of the TiVo seems easier too — tyc was problematic, but tivodecode works, so long as I watch in VLC instead of QuickTime Player (which only shows the first frame, while playing back all the audio).

Amy and I were walking across the Gowanus Canal to see Miss Pettigrew Lives for a Day, when we came across this amusing Easter residue (on Saturday, so pre-Easter, no less!). I like Peeps, but not that much. Amy dislikes Peeps, but not that much. Her comment, upon hearing I intended to submit this photo to Miss Heather? “It’s not a poop. It’s a peep.”

Despite not being feces or canine, this still seemed right up Heather’s alley.

I got Exceed, and after reassigning my left modifiers to X instead of Windows, kate is quite reasonable. It uses kompare for graphical diff, and comes with some CVS plugins. I prefer BBEdit’s diff display (although BBEdit’s diff has been broken for years). I’m not sure how I managed to view a couple windows in xemacs from kompare, but I can probably avoid that in the future…

kate is clunkier and less featureful, and not as configurable as I expect — the commands I want to assign to the toolbar, for instance, are not available in that context. On the other hand, BBEdit doesn’t use a toolbar at all, and rearranging menus is only supported in limited ways, so I’m not convinced kate is inferior here — it may just feel like that to me as a BBEdit user. Hopefully Subversion support is available for kate, but that doesn’t actually matter to me right now.

I need to get Copy & Paste working between Windows (including PuTTY) and Exceed; hopefully this will be straighforward, but it doesn’t just work.

Per IDM, UltraEdit cannot be installed without admin rights, which I do not expect to get, so that’s out — at least until they offer an alternate installer.

kate icons are a bit fuzzy, but they fit the Linux aesthetic, and the fonts are very nice.

I can write Outlook rules to match on Subject strings, but it lacks “Starts with” instead of “Contains”, so I cannot specify original messages, and distinguish from Re: for replies.

The filter area shows a list of criteria with checkmarks at the top with blue underlines under the keywords. The bottom shows the same labels, with the same blue underlines. But at the bottom they’re “links” to dialog boxes for entering the criteria, while at the top the same “links” aren’t clickable. Way to mis-use a visual cue, and do it in the most confusingly inconsistent way possible!

Oh, and the rules dialogs are all modal, so once I start creating a rule, I cannot open candidate messages to confirm the rule matches.

I’m still aggravated that I cannot match on partial strings, like “The Notification Agent” or “root@” (acrosss multiple machines) in the From: line. Matching on Subject: (especially unanchored) is much less precise.

When I delete multiple messages, why does Outlook select a random message, instead of the next one?

In Conversation mode (which would be a lot more useful if it didn’t waste 2 messages worth of space per “Conversation”), if I use down-arrow to select the next conversation, it expands the conversation instead. Use left/right to collapse/expand converations — they aren’t needed for mailbox navigation! At least Control-KP+ expands all Conversations.

I hit the accursed 32k rules limit. Despite this post, our systems cap rules at 32kb total (client-side + server-side). Apparently this will go to 256kb, once we’re upgraded to Outlook 2007 and Exchange 2007. In the meantime, I’m spending a significant amount of time every day trying to make Outlook 2003 do decent filtering, with very limited success. In particular, Outlook is apparently unable to filter From: “root@*” as a catchall. This would make alerts easier to parse, as distinct from human-originated messages. Yuck!

pctony (congratulations on your Apache httpd PMC membership, Tony!) just informed me that comments here are broken. I knew Preview was broken, and am guessing that it’s a problem with my configuration of Admin-SSL, but hadn’t known it affected anyone other than myself. Admin-SSL in this configuration creates a disruption between the public (reading) side and the SSL-encrypted authenticated side, and preview & user logins for commenting both appear to be falling into that crack.

If I can’t get Admin-SSL working this way, I’ll come up with something else, although at this point I’m hoping Haris can tell me how to sort myself out.

In the meantime, I’m sorry for the inconvenience (especially Tony’s).

His two suggestions were to quote the path in the UltraEdit installer, or to use “dir /x” in CMD.COM to find the DOS-style 8.3 pathname of the destination folder. Unfortunately, I seem to have been wrong about the cause for their installer’s terribly vague “1925″ error message, as I tried another viable path (not containing spaces) today, and UE failed to install there too. Perhaps it’s a registry access issue — I sent email to IDM Software, and hope they have a more useful suggestion than “become an administrator”.

Q: I have several rules to mark bulk messages as read. How stupid is it that Outlook 2003 beeps, shows me the new mail notifier window, shows the new message in my “Unread Mail” filter; and then marks the message read and hides it?

A: Very.

It’s difficult to get a mailbox (”Search Folder”) or View/Filter to update; I’ve hit F5 (Refresh) several times, and watched read messages drop out of my “Unread Mail” search most times (but not reliably), but I haven’t had the patience to keep hitting F5 enough to see if the list of messages would eventually correct itself. I’ve switched to other mailboxes and back, but that doesn’t work most of the time either.

I just got a 1tb Time Capsule — it was a natural accessory for my new MBP, since I finally have a Mac with 802.11n support, and I routinely move large files or folders (500gb-8gb) around our home network; I also like the GE ports.

The Capsule replaced a WRT54G (hacked) and an AirPort Extreme — the APE is now serving as a print server in WDS mode (overkill, but otherwise it would just sit on a shelf, and the print server is handy). It is also providing backup space for all three of our laptops (including Julia’s), and the magic of Time Machine seems like a good security vs. convenience compromise — keeping conventional AFP or SMB shares from reppep.com mounted all the time on all three laptops would be suboptimal. Time Machine seems to handle mounting & unmounting gracefully.

On to the meat of my problem, though: Once I set up the Time Capsule, I noticed my MBP (10.5.2 latest) was getting the TC’s IP as its only DNS server via DHCP. This is annoying, as I configured the TC with 2 upstream DNS servers, and I want it to configure my Macs with at least those two; if the TC inserts itself first that’s fine, but it shouldn’t be my only nameserver.

The problem is aggravated (considerably!) by the fact that the TC is not actually serving names. My dig queries against it all time out.

On a related note, nmap points out that the Capsule is running an FTP server, which I (fortunately) cannot actually log into. I don’t see FTP anywhere in the UI or help (aside from a note about forwarding FTP through NAT). FTP is evil, and I don’t want it on at all! I know why ports 139 & 445 are open — to support SMB/CIFS and WINS, which I could configure but cannot turn off — but why RTSP and RealServer ports, and port 10,000?? I cannot get anything out of 10,000, so it’s not a normal Webmin, but what is Apple doing here??

I filed 3 bugs against Time Capsule, one against AirPort Admin Utility, and one against SP:Network, which I discovered while working around the TC DNS issue.

Meanwhile, I’m not holding my breath for answers & fixes from Apple. Do you all have more information about what’s going on here? Do TC users find a) the TC is the only only nameserver assigned via DHCP, and b) it doesn’t actually work as a nameserver??

This is odd. I have to use View Options to see full headers (in the Message Options window), but while that’s open, the main Outlook program is visible but completely unresponsive. Message Options is apparently a super-modal dialog, which blocks “other applications”, and the Alt-Tab task switcher doesn’t even show the main Outlook icon. I thought Outlook had crashed, until I realized it was accessible again after I dismissed Message Options.

In fairness to Apple, I’ve seen cases in Leopard where Apple’s Command-Tab task switcher only shows some of the currently running applications (it sorts itself out fairly quickly), but Windows’ super-modal behavior is fscked up, and designed into the application (or the OS!).

After DreamHost’s breach 8 months ago, I was aggravated at their poor handling of the situation, but willing to give them the benefit of the doubt, and still happy with their low prices and flexible services.

With the new bad news and worse confirmation (still with poor incident handling), though, it’s time to get out of dodge.

I have moved Extra Pepperoni back onto my own hardware. I started blogging on Apple’s Blojsom install, but gave up on Tiger Server for Blojsom (and Mailman) because the services kept silently shutting down, leaving me to notice they were disabled days or weeks later (no fault of Blojsom or Mailman — Apple didn’t do a good job porting SpamAssassin either). Bringing up a WordPress blog and mailing lists at DreamHost was easy and cheap, but that’s no good if they are unsafe.

I’ll look at moving a couple very light-duty Mailman lists off DH next, but the lists are so lightly used I’m not too concerned. There just isn’t any confidential information on the mailing lists, aside from their tiny subscriber lists.

Ah, well. I now know much more about WordPress and MySQL than I cared too, but the setup wasn’t too bad. I hadn’t realized how many customizations and tweaks I made to WordPress until it came time to recreate them on my own system:

1. Almost Spring theme (included by DreamHost); with minor hack
2. PHP Markdown Extra; with minor hack
3. MySQL admin UI
4. WP-DB-Backup (DH included one, which I’m no longer using)
5. mod_rewrite for permalinks
6. Admin-SSL, with “Shared SSL” tweak, integrated into my existing SSL site (meaning EP is available through two different “sites”, and I have to keep the Apache configurations reconciled)
7. Twitter
8. WP-Cache (DH standard)
9. Akismet anti-spam registration
10. Technorati pinger (came over automatically with the DB).
11. Fix for widget.php to use legal JavaScript tag.

I’ve been using Windows on a daily basis for 9 days now. At Rockefeller, I kept it on a VM (earlier, on a physical PC) which I could easily wipe and reinstall. I kept the few installers I need on a Mac so I could easily reinstall and be back in business. Now I have to do much more in XP/Outlook, and I have many gripes.

Things I Miss

These are mostly lacks in Windows, although not entirely.

• In the Alt-Tab task switcher, I cannot Hide (Command-H), Quit (Command-Q), or click an application’s icon to switch directly to it. This is aggravated by the fact that icons in the switcher often correspond to windows rather than on the Mac, where they correspond to applications (each with one or more windows), so there are many more icons to Tab through, and often several indistinguishable windows (4 Firefox windows generate 4 identical unlabeled icons; so do 4 open messages in Outlook). Considering Windows has had this feature for longer than Apple, it’s shockingly underpowered.
• I cannot hide the current application (window) from the keyboard (Command-H), or Hide Others (Command-Option-H).
• I miss BBEdit — working with notepad and vi for now; UltraEdit’s installer (recommended on TidBITS-Talk) doesn’t work in my environment. This will get worse as I start writing and editing more (code).
• BBEdit (particularly side-by-side diff and interactive reconciliation, which I should be able to find an alternative for, but sdiff isn’t it).
• bbedit (I miss opening files from the shell, including via sftp and from for loops).
• ssh keys for authentication.
• Seeing my personal email throughout the day — the financial/SEC/Sarbanes-Oxley environment requires a lot more separation between personal and work activities.
• Options (program-wide preferences) is not available from message windows — only from the mailbox viewer window. This is true in Thunderbird/Mac too; presumably copied from the MS model.
• Good filtering: Outlook’s filtering is very much wizard-driven, but not very flexible (no booleans & very limited criteria available); two filters that try to file the same message will put 2 “copies” of the message in different mailboxes; some options are handled on the server, while others are only performed on the client.
• BlackBerry filtering: The BlackBerry Curve shows everything in one mailbox; I’d like to see things grouped as I do on Outlook.

Things that bug me

• I can make Outlook sort a mailbox with the newest messages at the bottom (the default is newest-at-top), but then when I click the mailbox, Outlook selects the bottom (newest) message in a mailbox, whereas I want to read oldest first.
• I can make Outlook allow commas as address delimiters (which is what they are in the actual mail messages), but then I cannot type names, because we have autocomplete disabled and Outlook doesn’t recognize a correct “Last, First” recipient when it’s set to allow commas as delimiters (even though Outlook uses them once I click Check Names).
• Keyboard nickname completion (Command-L in Eudora); I can’t find a way to assign a keyboard shortcut to Check Names.
• I try to keep my mailbox “caught up” or “clean” (all messages read). Outlook doesn’t mark a message read until I deselect it. This means that when I’m done, to have it stop showing that last message as unread, I have to select something else.
• When I’m reading a bunch of new messages, and Outlook selects one I don’t want to read (see above about selecting the bottom/newest message), I have to click another message to get the Mark Unread contextual menu command; then I scroll up to the top and click on the first message.
• AutoCorrect absolutely would not let me type “SAs” (System Administrators) until I killed it.
• MS Office Communicator flashes in the Start bar and the Alt-Tab switcher, but it flashes the main window’s icon, instead of the one for the conversation with new activity. That’s just dumb.

Things I like

• Outlook can show me mailing list (group) membership. It’s called “Outlook Properties” in the menu, despite being maintained on the Exchange side, but after I got over thinking that couldn’t be the right place, this is quite handy.
• Outlook checks group memberships automatically when filtering; this cannot be turned off, so I cannot filter messages sent to a list separately from messages sent to a member of the list.

DreamHost wrote back, and the news isn’t good. Someone sent them a list which is apparently circulating, of username/password pairs for “FTP” accounts; one was mine. I had hoped that if a password leaked it was my old password, which I replaced back in June (on my birthday) when DreamHost told me they got hacked. No joy, though — the password they received was active on Extra Pepperoni (and chrispepper.com) until they sent me mail yesterday; I don’t use it elsewhere and changed it last night, but that means someone had access to EP very recently. It looks like nobody ever used the account, but methinks it’s time to install MySQL and WordPress on www.reppep.com, and probably Mailman too.

Crud on a cracker!

http://www.finjan.com/Pressrelease.aspx?id=1868&PressLan=1819&lan=3

And I still have no idea how they got me.

I got a message from DreamHost tonight which both confused and disturbed me.

Telling me there’s evidence that I have been intruded upon is scary — but what was the evidence?? Without more information, this is upsetting but not helpful.

I only access this account from fully patched Macs under my direct control. None of them were running Windows spyware, and I know there hasn’t been a hardware keylogger in operation on my equipment recently (I don’t believe every, but I’ve been doing lots of work on my equipment lately, so I know not recently). It’s certainly possible I got hacked by some brand-new Mac OS X exploit, but (especially given my understanding of DreamHost’s security model, which entails emailing plaintext passwords at the drop of a hat) I consider it considerably more likely this is a false alarm or miscommunication.

Especially given that, despite “we have reset your password”, the affected account’s password was NOT changed. I logged in normally and changed it myself. This makes me very glad that I created a brand-new password only for DreamHost last time they got hacked. On the other hand, I could have been sniffed logging in over the Internet (most of their access is unprotected); I only set up SSL for administration of Extra Pepperoni a month ago…

We’ll see how they respond to my request for clarification.

In the meantime, I am worried and aggravated.

It’s also somewhat suspicious that the timezone is UTC, considering that DreamHost is in Los Angeles. If it wasn’t the right panel.dreamhost.com hostname, I’d think this was an attempt to get me to submit my DH account information to a spammer, but that information isn’t worth much.

To: “Chris Pepper” <—-> From: DreamHost Support <support@—-> Subject: [reppep ----] Account Concerns… Date: Fri, 7 Mar 2008 02:20:34 +0000 (UTC)

Dear DreamHost customer,

We have found evidence indicating that your ‘reppep’ web server account may have been subject to intrusion by a malicious 3rd party. As a precautionary measure, we have reset your password and ask that you change it, here:

https://panel.dreamhost.com/index.cgi?tab=users&subtab=users& current_step=Index&next_step=Edit&usid=1532237

At this time we have found no evidence to suggest that there has been a breach of our internal security. We believe that the passwords in question were likely obtained through the use of spyware/keyloggers/malware, possibly installed on your personal computer.

In order to secure your account, we ask that you immediately follow the recommendations provided in the DreamHost AbuseCenter - particularly those involving the removal of malware. You may visit the AbuseCenter, here:

http://abuse.dreamhost.com/cracking/#exploits

If you have any questions or concerns, please let us know.

• DreamHost Abuse/Security Team