Fugato

I was in Side, Turkey, for the total solar eclipse last March. Despite a recent interest in photography, I did not even pick up my camera during the eclipse. Why?

1. I had never seen totality before and I wanted to experience it without distraction.
2. My longest lens was 85mm, so my photo would show the eclipse as a really small fuzzy black spot.
3. I knew that there would be people making pictures like this:

so I might as well not bother.

This is by one Nick King; I found it at the Solar Eclipse Gallery. Click it for a really big version. There are plenty more good ones there.

I’m getting to like Windows PowerShell quite a lot. Specifically, I like it almost as much as I detest the smoldering pile of rank excrement it comes embedded in: that vile ol’ cmd.exe shell window.

Because cmd.exe, the perennial ball-and-chain of Windows command-line usage, still suffers — after all these years — from a host of ill-forgivable usability flaws:

• Drag-selection selects simply a rectangle of characters, instead of following the flow of text. Sometimes you want that; generally you don’t. There is no way to select text like every other text environment does (e.g. Notepad, most shell windows in Linux, etc.). Why?
• You can’t drag-resize the window horizontally! You have to open a properties dialog, select layout, and type in the new width in characters. Why?
• No keyboard shortcut for paste. Why?
• No keyboard shortcut for scrolling. You can enter a Scroll mode in which the arrow keys work. To do so, fumble for your mouse and right-click and select Scroll. In this mode, typing anything results only in a loud beep. You must press Esc to go back to typing mode — in the usability spirit of vi. Why?
• By default there is no scrollback buffer; what’s stored is simply what’s on the screen. If it’s gone off the top, it’s lost. You can set the buffer bigger than the window in Properties -> Layout, but it’s tiny by default. Windows takes up several hundred megabytes just for chugging along like the freight train it is, but here they really had to save a couple of dozen kilobytes. Why?
• To drag-select text to copy, I have to first right-click and select Mark. This is inconsistent with everything else, anywhere, and there’s no point: mouse dragging does nothing in the window otherwise, so there is no need to disambiguate drag-selection from anything. If I set “Quick-edit” mode in Properties, I can drag-select directly … but then the right-click context menu doesn’t work until I turn off Quick-edit mode. Why?

And that’s leaving out the paltry line-editing functionality and weak scripting support, as compared to Unix shells. At least Windows PowerShell does something about those.

cmd.exe is so bad that once it has broken your spirit you actually marvel at the most minuscule hints of convenience in it: “Ho! F7 triggers a pop-up window with the command history. Boy, I just can’t believe how I have been able to never see that before!”

Detecting a novel feel on the skin of his back, the slave asks his driver: “Hey, is that a new cat-o’-nine-tails? How silky smooth it is!”

It is a real shame that the very promising innovation that is Windows PowerShell has to be marred by being encased in this anachronistic usability disaster.

After a decade and then some, why must Microsoft’s only command-line console still feel like a botched freshman programming assignment?

I meant that as a rhetorical question, but here’s one possible answer:

Guy in Microsoft Command Shell Development:

The best way to scroll a console is:
Alt-Space, E, L

<ESC> or <Enter> exits this mode.

Along those same lines, a quick way to paste is:
Alt-Space, E, P

User:

! that is four (4) keys :(
i think i’ll stick with the mouse until this gets improved…

thanks anyway

cmd.exe guy:

It actually becomes ingrained quite quickly as a single action. Ask anybody who’s spent any time using Emacs or VI how quickly these things become second nature!

And here I thought I was joking that vi was cmd.exe’s role model of acceptable usability.

Okay, I’m done; I feel better now.

Coined by Baal. Meaning is obvious: a borderline-pathological aesthetic perfectionism, especially pertaining to mathematics and computer programming.

Update: if you got the Irreal dating sms and are wondering about what to do: do nothing. The sms is garbage; ignore it and forget about it. Definitely don’t do what the website tells you. There is no mess to get out of. You are not going to be billed. Do not enter your phone number, and do not run that program. Generally, do not run any program coming off the internet unless you know what it is, know that it is useful to you, and are very sure it comes from somewhere trustworthy.

Update 2: They are using the name SMS True Date Service now. That makes sense: when the top result in a google search for your name identifies you as a scam, it’s time to change your name. :)

Most significant breaches of computer security are achieved by perfectly non-technical means, i.e. by tricking people, not computers. This is called social engineering, at least when the trick is to get someone to divulge their password by casual trustworthy-sounding conversation (“Hi, I’m Bill in tech support, haya doin’? I need your password real quick for this fix …”)

The key is to divert attention away from what’s really going on, disguising it as something else. The friendly, casual, innocent voice is one way to do that. Another way is to get people hurried and worried about some different (and fake) nuisance or danger. A friend of mine saw such an attempt tonight.

She got an SMS from a weird phone number like +2783 or such, welcoming her to Irreal Dating at www.irrealhost.com, and noting that her phone will be charged $2 per day “only.” Whoops!

Going to that site, sure enough, there is a form for signing up, with just a text field for a phone number, and a checkbox (already checked, for your convenience). “Somebody must have signed up my phone number,” you think! But there is also a way to unsubscribe. Phew! Hurry! All you have to do is enter your mobile number and click confirm to start … the program.

Oh.

The page helpfully describes what you must then do to start that crucial unsubscription program:

with a convenient blur to distract you from Microsoft’s warnings that you may be about to install spyware or trojans or other malicious software. Forget all that, just run it without thinking please!

And your computer gets infected with their trojan.

“Once you have finished you will be removed from our system and you will no longer be charged for anything.” Isn’t that a nice dangling carrot?

It’s a clever scheme. They probably obtain phone numbers by spidering the web for patterns like “Cell: XXX XXX XXXX”, perhaps with country-specific variants like “s. XXX XXXX” for *.is domains (for Iceland) … that particular one would turn up my friend’s phone number, for instance, since it appears in a used-books forum somewhere. Then they find a way to send this SMS to all of these phone numbers through open or misconfigured SMS gateways. Thousands of people are confused and in enough of a hurry to cancel their “subscriptions” that they don’t realize what it’s really about, and their computers end up infected.

Then our irreal friends use their trojan program to commandeer these thousands of computers as drones for spamming, or for distributed denial of service attacks, or for whatever anybody is willing to pay for.

It’s one way to make a living. And some of them get quite rich doing it.

An extra clever aspect of this scam is that people are used to filtering away or ignoring spam email … but are less suspicious of SMS. I wonder if we’re about to see a rise in SMS spam because of that.

Googling for “irrealhost” and “irreal dating” turns up nothing right now, so the trick (or at least this instantiation of it) must be brand new. Their hosting provider will probably shut them down soon, but not before they’ve gotten their little trojan onto plenty of computers. And their business churns on.

Sigh. With just a little more ingenuity and a little less moral fiber, I could have been a rich man …

This statue is located prominently in Harvard Yard at the heart of Harvard University’s campus in Cambridge. It is an old custom for students to rub the toe of its left shoe for academic prosperity. That toe is shiny golden because of this, while the rest of the statue is blackened with age.

It is commonly called the Statue of Three Lies. That is because it carries this inscription:

JOHN HARVARD

FOUNDER

1638

Harvard University was not founded in 1638.

John Harvard did not found it.

And that’s not John Harvard. Some student posed for the sculptor. John Harvard sucked at posing, on account of being dead.

But more amusing than that is the expression on the face of the guy in the red shirt. I have enlarged it here for your viewing pleasure.