My Word with Douglas E. Welch
A place for the neat stuff that surrounds my life
Subscribe to Douglas' Newsletter today!
WelchWrite Newsletter
The WelchWrite Newsletter is delivered by email each month to my clients and interested others. Click the link above to view the October edition directly from the WelchWrite web site.
Past editions (2003) are available for April, May, June, July, August and September
Email me if you would like to subscribe!
More Halloween Books
I missed a couple books in my Halloween book list last night. Here they are...Enjoy!
Hallowen (and more) Books
I have been raiding the library over the last week, looking for Halloween ideas. When you have a 5-year-old it gives you a little bit of an excuse. I am also helping to set up and operate the tiny haunted house for my son's school. It is only open for about 2 hours on Halloween Day, right after school, but it should be fun. I am using it as an excuse to build more props and effects for my home haunt on Halloween. Any excuse in a storm. (SMILE)
Scarecrows: Making Harvest Figures and Other Yard Folks | Tricks & Treats: The Ultimate Halloween Book | All About Scarecrows | The Great Halloween Book | Halloween: 101 Frightfully Fun Ideas | Halloween Pumpkins & Parties: 101 Spooktacular Ideas | How to Haunt a House for Halloween (Halloween Book)
Career Column
Career-Op: Describe Yourself
by Douglas E. Welch, ComputorEdge Magazine
The success of your high-tech career may depend
on how well you describe your expertise and the work you do.
This became clear to me recently, when I visited the monthly San
Diego WebDesign Meetup. During a quick set of introductions, I
was happily surprised by how clearly and easily people described their
work. In my past experience, people often stumble over these items,
trying to invent something on the spot. If you haven't spent
some time thinking about your own "Description", take
the opportunity now.
I urge all my California readers to get out and vote in the Recall Election on October 7th, 2003. Voting is both a right and a responsibility. Make sure your voice is heard!
It is especially important that you vote in this election. The office of Governor could be won with as little as a 15% majority. Don't let others make this important decision for you.
For myself, I will be voting NO on the Recall and FOR Cruz Bustamante.
Regardless of whether you agree or disagree, please Get out the Vote on October 7th!
Windows Security Report hits home..and leads to author's firing
The publication of a report highly critical of Microsoft's security policies and calling Windows "a threat to national security" quickly led the firing of one of authors, Dan Geer, former chief technology officer of @Stake, a security consulting firm.
Slashdot members have been discussing the report and the subsequent fallout.
One of the major thrusts of the paper was the conclusion that the dominance of MS Windows has led to a "monoculture" of computer operating systems, where one virus, worm or other attack can disable millions of computers with a single blow.
Back in 1999, I wrote a piece entitled Genetic Diversity in Computers, where I discussed the same issue. When the population of an animal or plant is depleted to a great extent, one single virus or disease can drive the entire population to extinction quite easily. With some diversity in our computing platforms, some computers are guaranteed to survive even the most virulent attack as these exploits commonly focus on one particular computer platform...usually MS Windows. Without the diversity of Macintosh, Linux and other Unix variants, it is not too farfetched to see how a concentrated attack on MS Windows could effect more than 95% of the personal computers and network servers in the US and across the globe.
I believe even more strongly today that we need to develop a collection of separate, yet interoperable, operating systems in order to protect our future. Individuals and companies should be free to pick the operating system of their choice without worrying about how it will integrate with other operating systems. This ease of use will build a diversity to protect us against further attacks on Microsoft products and diminish the ability to cause great havoc by attacking the dominant operating system.
Electronic Voting Issues
Even though a report by Maryland's own election board found that Diebold Election Systems' touch-screen voting machines were "at high risk of compromise," Maryland went on to approve their use.
See:
Maryland: E-Voting Passes Muster - Wired NewsA Vote Against the Computerized Ballot - MIT Technology Review
The idiocy of such behavior boggles the mind. More and more information had been exposed about this voting system over the last month and none of it is good. Instead of making voting more secure and less prone to error, these systems seem to make it easier than ever for election officials, politicians and others to rig elections in their favor.
When you are talking about elections, you are fiddling with one of the most basic rights and responsibilities in the USA. Anything that is not secure and audit-able will simply not pass muster. New, electronic or hip doesn't mean the system is any better than past systems, and might even be worse.
Beginning of school-year colds
If it seems like it has been a bit quiet here lately, it isn't your imagination.
The beginning of the school year brought along its companion, the cold I always get. Almost 1 year to the day from the last time I was sick and here I am nursing yet another cold. Thankfully, this time, it didn't turn into anything worse. That is what typically happens.
Anyway, I am back on my feet (or back in my chair) and will try and catch up on a few of the big technology stories working right now.
Be well! -- Douglas
Apple Mac OS X update pulled
According to MacMegaSite and MacFixit.com, the latest Apple MAC OS X update has been pulled due to a large number of problems.
If you have not installed the update yet, you will want to hold off until it is re-released. If you have
installed, as I have, you may or may not experience any problems, but be aware that problems do exist.
As far as my own opinion goes, major errors such as this are simply unacceptable. In order to effectively protect our machines against virus and worm attacks, we are told to update machines immediately. If these updates cause major problems themselves, it defeats the entire purpose. Users must be able to trust the updates from operating system manufacturers or they will not patch their machines and therefore leave them self open to further and more damaging attacks.
Apple Mac OS X Update Available
While I pity anyone who has to try and download this 40+ MB update using a dial-up modem, there are a significant number of fixes and enhancements to be had. You might want to have a friend/co-worker/neighbor download the update and burn it to a CD for you to save some time.
Click on the link above for a complete list of the updated items.
Open Your Mind to a Banned Book!
This is the Banned Book Week 2003, sponsored by the American Library Assocation. I am a big supporter of libraries, as well as an almost daily user. Learn about books that have been challanged or banned in various areas of the US and why it is important to fight these attempts by a vocal minority to silence opinions with which they disagree.
Career Column
Career-Op: It's a Blast!
by Douglas E. Welch, ComputorEdge Magazine
As anyone in high-tech knows, the MBLAST Worm program made a shambles of many PCs and servers over the last month. Despite promises from Microsoft to increase the security of their software, people continue to find, and exploit these flaws to greater and greater effect. Among the hue and cry that is raised with each new attack, high-tech professionals can be heard disclaiming any culpability. “Microsoft is to blame for lousy software.” “Hackers and script kiddies are to blame for writing the exploits.” “Users aren’t bright enough to protect themselves from attack.” While I don’t deny the truth behind any or even all of these statements, I have some difficult news for high-tech workers. Despite all these problems, protecting your systems is your responsibility. Regardless of the culpability of any of the above parties, when you let your systems become infected, and, even worse, infect others, you have failed in one of the basic missions of any high-tech job. Failing to patch for known flaws, especially when you know an attack will be forthcoming, makes you part of the problem instead of part of the solution.
Microsoft WILL NOT email you security updates!
Just a word of warning about an ongoing virus attack via email.
The Swen, W32/Swen@MM, Gibe, and W32/Gibe-F strain of virus often arrives in an email masquerading as a security update from Microsoft. As the title of this post says, Microsoft will never distribute a security update in this fashion. All updates are downloaded directly via http://windowsupdate.microsoft.com.
This virus can exploit an old bug in Windows that allows it to execute itself, so please be sure you have all necessary updates from Microsoft. It would be embarrassing to be infected by something that was fixed 2 years ago. (SMILE)
If you get such an email, it is a virus or other hoax.
Events
September 27-28
Santa Clarita
American Indian powwow and craft fair includes dancing, drumming, colorful regalia and special performances.
Tel: (800) 718-TOUR or (661) 255-4318
Fax: (661) 259-8125
Events
SATURDAY AND SUNDAY, SEPTEMBER 27 & 28, 2003
9 a.m. to 6 p.m.
We visited for the first time last year and it was quite nice. They had an area for kids to play in bounce houses, live entertainment and lots of food.
From the web site...
IN MEDIEVAL times the great Benedictine abbeys of Europe often encouraged agricultural and crafts Feyres, where artists, craftspersons, patrons, and paupers all gathered just outside the cloister walls to wonder at that commingling of human ingenuity with the splendor of God's creation which we call "Art". Continuing this venerable tradition, the monks of Valyermo offer an Arts and Crafts Festival on the monastery grounds during the last weekend in September, where artisans and craftspersons from all over the Southland display their products in a setting where both good food and entertainment, as well as the consolation of the Sacraments are provided.
ADMISSION to the Festival is free; however a $4.00 donation is requested for parking. Ceramic plaques produced at the monastery are prominently displayed; as is their designer, Fr. Maur Van Dooerslaer, O.S.B., who is available to autograph his work. The Art Gallery and open-air shows include exhibitions of painting, sculpture, and photography; other displays include pottery, jewelry, and wood and glass crafts.
FOOD BOOTHS, cafeterias and restaurants provide a wide variety of cuisines, from Mexican and Chinese food to hamburgers, chicken, and ribs. Babysitting for children ages 1 to 3 is provided free of charge; and children can also visit the petting zoo. Tour groups are welcome; and the parking fee is waived for tour buses.
Out All Night With the Masters
Want a great night (and morning) out, looking at famous works of art....for FREE?!?!?!
The LA County Museum of Art (LACMA) is opening up its 2 current exhibits, French Masterworks and Modigliani, starting at 9 pm Thursday, September 18 and keeping them open all night long. There will also be entertainment, drinks and food.
Sorry about the late notice on this. I only came across this listing a few minutes ago. Wrightwood sits over a mile high, so it would be a great place to get away from the heat this weekend. -- Douglas
An art tour throughout the village of Wrightwood
Saturday September 13, 2003
10 am to 5 pm
Over 40 Tri-Community artists are showcasing their work in the Art Tour. Meet our local artists and enjoy a wide range of styles and media displayed throughout the village. Many will offer demonstrations, music and food; artists will be available to answer questions and share their art.
Demonstrations
Refreshments
Music
Silent Auction -- artist donated items
(all proceeds go to the Red Cross)
Tickets
Artist Bio Booklet & Map $5
available for purchase at -- or by mail
Four Seasons Gallery
6013 Park Drive
PO Box 401
Wrightwood, California 92397
For more information:
760-249-3712
Career Column
Career-Op: I want an apprentice
by Douglas E. Welch, ComputorEdge Magazine
Yes, that’s right. I want an apprentice. Not some Dickensian, child in forced-labor kind of apprentice, of course, but someone who wants to know what I know about technology. Someone who wants to begin their career with all the advantages that weren’t available when I was starting mine. Even more, I wonder why no one has sought out myself (or any of you readers) to help them start their high-tech career.
101 Halloween Ideas
I am trying to prep for Halloween a little earlier this year. It always seems to sneak up on me well before I am ready. I seem to add more and more features to my yard every year -- building a new prop here or a new effect there. This year I am also creating stuff for the Haunted House at Joe's school. This is a great way to tackle larger projects and then re-use them at home.
This list of tips should give you a great start on this year's Halloween Haunt.
How to keep your job
I came across this excellent item on The Farm: The Tucows Developers' Hangout via AllConsuming, a site which highlights books appearing in weblogs acorss the Internet.
While it is written with software developers in mind, this Powerpoint presentation by the authors of The Pragmatic Programmer: From Journeyman to Master, provides a set of guidelines valid for all high-tech workers (or even all workers, in general). The presentation outlines the threat to high-tech workers in the US and how they themselves can provide the best defense of their jobs. Anyone who is interested in developing their career should take a look.
MS03-039: A Buffer Overrun in RPCSS May Allow Code Execution
This is the latest security update from Microsoft. It appears that no one has released a virus/worm to exploit this issue, but installing this fix will protect you in the future.
From the Tech Note...
Remote Procedure Call (RPC) is a protocol that is used by Windows. RPC provides an inter-process communication mechanism that allows a program that is running on one computer to seamlessly access services on another computer. The protocol itself is derived from the Open Software Foundation (OSF) RPC protocol, but with the addition of some Microsoft-specific extensions.
You outta be in pictures (tiles)
Joe has recently started Kindergarten, so I have been bringing him to school and picking him up at the end of the day. Since I am usually way too early (it must be my mid-western upbringing) I have spent some time wandering around the neighborhood.
Imagine my surprise when I happened across this wonderful collection of mosaic artwork. I have driven by this location hundreds of times, but they really don't catch your attention when you are speeding by in a car.
The work is entitled Hollywood Highlights and was created in 1994 by Margaret Nielsen. It was supported by the Percent for the Arts program of the LA Department of Cultural Affairs. The mosaics depict scenes from famous Hollywood films both new and old. You can see a photo gallery containing a few of the mosaics by clicking on the picture above. There are many more mosaics than I show in the gallery. You'll have to visit to see the rest.
If you get a chance, stop by for a few minutes and check this out. Street parking is limited, but available on the opposite (South) side of the street, off of Firmament Avenue. The address of the artwork is 15503 Ventura Boulevard, Encino, California.
Enjoy this little spot of art in the Valley!
My latest TechRepublic article is now online
Computer professionals now have to remember passwords for routers, servers, VPNs, ISPs, Web pages, and even their own ATM PIN. (Heck, my wife and I even have one for our kid's Upromise account!) And to further protect the security of these systems, you are being required to choose more complex passwords that include numbers, mixed-case letters, and even special characters. Is it any wonder that software developers have created password storage programs for Palm PDAs? The difficult question for you and your users is, "Do these programs enhance security or lower it?or have no effect on it at all"?
Books
I came across this book in the bookstore a few days ago. It is a nice collection of tips and tricks to get your creativity going. A nice book to have next to the computer/easel/writing table.
Events
September 12-28
Pomona
Largest county fair in the nation; exhibits, carnival, horse racing, food and entertainment.
Subscribe to the WelchEvents Mailing List
Latest Microsoft Security Update
MS03-034: Flaw in NetBIOS Could Lead to Information Disclosure
This update closes a whole where a program could gain access to random bits of data from your computer's memory. A complete discussion of the issue is available in the tech note linked above.
Career Column
Career-Op: Freelancing Now
by Douglas E. Welch, ComputorEdge Magazine
In the old days, a newly minted high-tech worker had a clearly defined road to follow for their career. They would take an entry-level job at some large corporation, do all the menial labor they could stand and either get promoted or take whatever they learned to some other company. Repeat this as necessary, until the person found a niche where they could settle in for the long haul. In today’s workplace, though, I would like to offer an alternative. One that I think might better serve the high-tech careerist and the people for whom they work. Wouldn’t it be better to try out other avenues if employment and other career paths before locking yourself into something that may not serve you well? I have come to believe that starting everyone off in a typical corporate job may do more damage than good.
Computers/Windows
Latest Microsoft Patches
A flurry of patches from Microsoft this week, including fixes for Microsoft Office.
It is important that you update your system now, so that when and if a virus/worm is written to exploit these flaws, you will already be protected.
From Microsoft.com...
Computers/Mac
Microsoft Office v. X 10.1.5 Update
Microsoft has released their latest update for Microsoft Office V.x. Their web page is relatively vague but it appears to fix various stability issues in the software.
If you never applied Microsoft Office v. X 10.1.4 Update, you will need to download and run this update first.
Web
Need a little creativity boost in your life?
Head on over to CreativityForLife.com and you will find a myriad of ways to spice up your thinking. There are articles on goal setting, living your career dreams and much, much more.
Via My Friend (and Creativity Coach) Jo Ann Braheny
Events/Kids
Meet the Author!
Acclaimed writer, Q.L. Pearce, author of the "Scary Stories for Sleep-overs"
series will present spine-tingling tales of terror!!!
Tuesday, September 9, 2003 -- 4pm
Sherman Oaks Branch
LA Public Library
14245 Moorpark Street
Sherman Oaks, CA 91423
Receive each new episode and blog post automatically
