Random Disconnected Diatribes of a p&p Documentation Engineer
Maybe we've just been lucky with car insurance. When somebody reversed into the side of my wife's parked car some weeks ago, our insurance company sorted it all out with one phone call, got the car fixed within a week, and even aggressively pursued the other insurance company to get the excess we paid refunded. Somewhat different to a friend's experience where their budget insurer led them a merry dance for several weeks, and left them severely out of pocket at the end. After paying the premiums for years, they suddenly discovered they were barely covered for anything.
But I've just had a similar experience with virus and malware protection. I've suffered over the years with the well-known issues surrounding many of the mainstream AV packages, such as instability, incompatibilities, and hassle installing and removing them; though newer versions have resolved a lot of these problems. Mostly I've tended to use packages such as CA, Norton, Avast, and AVG. However, since becoming a 'Softie, I've been forcibly migrated to the arms of our own threat management suite, Forefront.
We have our own custom installer for Forefront, which connects the client application to the backend big iron that hosts the management infrastructure; and on my corporate domain-connected machine it seems to work fine. But installing the stand-alone client on other machines has been an interesting revelation in how we depend on stuff that may not actually be doing anything. For example, I just clicked "Update definitions" in Forefront, and it says I have the latest definitions installed. Yet when I go to the Malware Protection Center it tells me that there have been five new versions since then, and my current version is at least two days out of date. There are over 90 new threats identified since the version I've got installed. But clicking "Update definitions" does nothing.
Mind you, I suspect it's partly to do with the fact that it keeps trying to send packets out through some weird ports, and my network firewall just bats them back again. The log full of connection errors would tend to confirm this, and probably not being able to talk to its big iron is not helping the situation. Though it's not just Forefront that seems to have had issues - the Windows Defender installation on a couple of Vista machines suddenly decided some months back that it was fed up downloading updates, and just stopped doing so.
So, on all of these machines, I've switched to the new Microsoft Security Essentials package, and so far it seems to do what it should - though I notice that scans and definition updates only seem to spring into life when the machine is reasonably idle. My wife has a habit of switching on, doing her email, then immediately powering off again, and I generally find I need to turn the thing on while she's out to get it up to date. Last week it suddenly started flashing red and complaining that the definitions were a week out of date. Yet it refused to do anything about it despite being left it in peace for an hour to do its internal housekeeping. It looks like it doesn't attempt to "catch up" if it missed a scheduled scan by running one as soon as possible afterwards (which you'd assume it would do). And when you start a manual scan, it doesn't automatically download the latest definition files first. So even if my wife had decided to click the "Scan now" button - and, let's face it, why would she - it would scan using definition files seven days out of date.
But what really annoyed me was that my locked down Web browser machine, which runs 24 hours a day and is mostly idling, suddenly popped up a warning that Forefront had out of date definitions. On investigating the stored definition files, it seems like it hasn't actually updated since November! Yet the Windows event log is full of blue "information" entries describing how hard it's working to protect my machine. So then I looked at the virus definition updates in my local Windows Software Update Service (WSUS), which religiously downloads Forefront updates every night (all 80MB, and there's usually three of them).
Amazingly, all of these are marked as "Not Applicable" for all of my machines. Obviously Forefront, unlike Windows Defender, doesn't look in WSUS - but goes direct to somewhere else. I wonder how much bandwidth I've wasted in the last year downloading these. That reassuring green tick in WSUS for the machines, which I assumed meant I was fully patched and up to date, means nothing in terms of malware and virus protection. It seems like every machine on the network needs to download its own copy of the definitions every time. But maybe that's better from a security perspective.
So now I'm migrating all of the non-domain-joined machines to Security Essentials, and my daily task before using each machine is to click the "Update" and "Scan now" links. Maybe the dev team for Security Essentials will help out by adding an option that you can set so it will download definitions and scan immediately if it missed a scheduled one. And one more thing guys, how about allowing us to schedule a mixture of scans? A quick scan every day and a full scan every week, for example.
Then, after all this fun, I decided the next morning to have a more thorough look at the "dangerous" software installed on my wife's laptop and my Web browsing box. I have to say I wasn't prepared for the horrors I found. On the laptop Firefox was still version 3.0.6, Flash was a year out of date, Adobe Reader was two whole versions past its sell-by date, Shockwave at least two minor releases out of kilter (it was only recently installed), and Java a whole version number adrift. On my Web browser box Firefox was still an old version 3.5 release, and Adobe Reader required the latest updates (which I've actually been telling friends and neighbors to make sure they install on their home machines).
The reason is, of course, that none of this stuff auto-updates when you are running as a non-admin user. OK, so you can't run Windows Update as a non-admin, but it does do it in the background automatically. Firefox grays out the "Check for updates" menu option, so you might think all is well and it's looking after you in the background. Nope - you need to log in as an administrator to be able to click the menu link, and to actually perform the update. The same seems to apply to Adobe Reader, though it removes the "Check for updates" link rather than disabling it. And what about Flash, Shockwave, Java, and all the other weird extensions that seem to be indispensible for Web browsing these days? How do I check if they're up to date? In the end, I just logged in as an admin, went to the respective sites, and installed the latest versions over the top of what was already there. Though there's probably some I missed because I've never heard of them before...
I guess it's interesting to ponder over whether software should update itself automatically. Obviously the O/S needs to in order to protect the less technical users (the computing majority). But should other programs do this? For example, I wouldn't expect my text editor (TextPad) or picture editor (PaintShop Pro) to do this. I run versions that are well out of date on some machines because they do what I need and I can't justify buying and learning a new version. But stuff that exposes me to risk, such as Web browsers, email clients, and the associated browsing junk, surely should auto-update - at least to resolve security vulnerabilities.
OK, so maybe there's a problem with them not being able to access the system if the updates aren't delivered through Microsoft Update. I did read a couple of blog posts that suggested the answer is to give all user accounts write and modify permission for your Program Files folder tree, but I'm not convinced that's a great plan. Though whether it introduces more risk than running out of date browser and Web software that has known vulnerabilities is an interesting question.
Maybe I'm just naive, but why doesn't software that may expose you to risk simply pop up a warning when it's out of date but can't automatically update? I suppose there's the risk that users could be fooled into trying to install some malware that pretends to be an "essential update for your system". The problem is that the current situation seems to be full of holes, and maybe it's no wonder that viruses and malware continue to flourish and spread. Still, hopefully after this round of updates I'm covered for the time being.
Or until somebody reverses into the side of my server cabinet...
Why is it that the U.S. manufacturing industry seems unable to make anything with an electric motor in it that works without generating enough noise to wake the dead (or, at least, the sleeping)? Its 2:00 AM in the morning, so the bathroom light has been turned off for more than three hours. And I'm not much in the mood for a Margarita, so I can quite happily manage without a constant supply of ice cubes. Though, as it's about 40 degrees (F) outside, I would like to have some heating please...
Yes, as you may have guessed, I've done the 22 hours end-to-end trip to the Mother Ship again, and am comfortably ensconced in a not exactly salubrious hotel room just outside Redmond for a couple of weeks as we get ready to toss the first Beta version of Enterprise Library 5.0 out into the arms of the baying public. And it's certainly fortuitous that I remembered to bring my airplane passenger earplugs within me.
In my little rented room, there's an air conditioner/heater, a large fridge/freezer, and a bathroom extractor fan. It seems like it's totally impossible to stop the bathroom extractor fan running - even if you turn out all the lights and sit in the dark for an hour. And the ice-maker in the freezer is designed to make clattering noises even when it's turned off and not actually making any ice. The fridge, freezer, and room heater motors are also obviously interconnected. As one switches off another one starts so that, together with the ever-active extractor fan, they provide a fascinating and ever-changing combination of whirring, clattering, rumbling, humming, and rattling noises.
OK, so I come from a somewhat backward area of the world (England) where we don't believe in air conditioning, and we have a gas boiler hidden away in the garage rather than electric fan heaters, but - as a civilization - we have advanced far enough to have a fridge, a freezer, and bathrooms with extractor fans. The fridge and freezer in our house are more than ten years old, yet still only emit a very faint hum. And the extractor fan turns off after five minutes. Even the central heating pump, located in cupboard next to the bedroom, generates an only just perceptible whirring noise.
Yes I can unplug my hotel room fridge at night (a procedure I've carried out during my last several stays here), and shut the bathroom door. But, even though I come from what we in England call "Oop North", where we're supposedly hardy enough to withstand the cold, I'm not hugely keen on waking up in the morning with icicles on my eyebrows like you see on those polar exploration documentaries. In fact, in relation to the geography of the UK, I really live in the North Midlands - so I'm nowhere near as hardy as many of the other more remote inhabitants of our tiny island group.
It's a well-known fact that Geordies go to local football matches in mid Winter (and in Russia when they're playing away) wearing just a Newcastle United tee-shirt. And the people of South Wales go shopping at Tesco in their pyjamas in the middle of the coldest Winter nights (see this BBC News story if you don't believe me). Meanwhile, Scotsmen quite happily run round on top of hills throwing cabers as part of the Highland games wearing (supposedly) just a kilt as a nether-regions windbreak.
Mind you, I did bring my MP3 player and noise-reducing headphones with me, so maybe I should just go out and buy one of those "relaxation" CDs. The sounds of waves breaking on a distant beach, or birdsong, or whales serenading each other hundreds of miles apart, perhaps. I suppose I could even go the whole hog and buy a DVD of a roaring log fire to play on the TV in the room, just to complete the effect of a nice cozy retreat away from home. Though the crackling noise would probably keep me awake.
Oh, and this week's title? Check out this page.
Reading a UK computer magazine last week, I came across the delightful phrase "like playing a recording of a swarm of hornets to a group of blindfolded mime artists". It conjures up a vivid mental picture of events such as might occur at a product development meeting where somebody suggests rewriting a whole legacy application in Objective Fortran and linking the components using DCOM. Or allowing the marketing department to choose the name for your wonderful new product.
Generally, I have to avoid such colorful language in the documentation I create. Somehow, flowery terms such as that may be felt to be taking the reader's attention away from the main points of the technical description, or even tending to make the software seem less than seriously "enterprise-capable". Let's face it, when you're trying to explain something like interception for virtual methods, or attribute-based validation at interface level, tempting users' minds to go wandering off and luxuriate in some wildly unrelated (or even humorous) description of the effects is unlikely to comply with the stringent rules of our style guide.
However, at the moment I'm writing guides that are not technically "documentation". They're designed to be entertaining and make it fun to learn about the products. I probably can't get away with a "Mr. Bunny's Guide" equivalent - which, for example, shows a Visual Basic Form in both front view (useful) and top view (just a straight line). Besides which, I'm no good at drawing pictures of farmers and animals. But, maybe I can sneak some vivid descriptions past the editors.
Perhaps I can describe the process of architecting an application as "like doing a crossword puzzle in a foreign language when they forgot to print the black squares and your pen's run out"? Or the complexity of writing a multi-threaded interception authorization behavior as "like explaining AC theory to someone who thinks the electricity leaks out of a light socket if you don't put a bulb in it"? And how about painting a picture of reaching feature complete and code freeze for your product as "like trying to finish a bowl of soup when sitting outside a French café in the pouring rain"?
Unfortunately, one of my U.S. colleagues once described me as having a "British sense of humor" (notice that he missed the "u" out). I guess this is where it will all fall over because it's likely that a large proportion of the readers will have no idea at all what I'm talking about. Especially when it's been translated into a range of other languages. And I suppose it could get quite annoying if you have to re-read the same section a few times just to grasp what’s going on. Oh well, it was a thought.
Mind you, talking of animals, several years ago a co-author and I decided to have a competition to see who could get the most lifelike picture of an animal created as one of those "boxes and arrows" schematics into a book. I managed to get an only-marginally-recognizable dog into one of mine, including the Internet "cloud" symbol for the result of processing various inputs - neatly positioned just below the tail. I assumed they'd cut or modify it during edit, but to my amazement it actually survived intact. I never did get round to mentioning it to the publisher. However, my co-author won the competition hands-down by including a very realistic giraffe, and disguising it by drawing it upside down. I complained about this, but he simply reminded me that the rules didn't specify orientation.
And I guess that, if my editors read this, it's a lost cause now anyway. They (and our customers) will be seeing animals in all of my schematics. Maybe I've just invented a new form of the Rorschach Ink Blot test.
Funny stuff, wireless. We take for granted that we can wander aimlessly about the office or home while maintaining a robust connection to the outside world, or just to the server down the hall. Let's face it, modern kit and the connection it provides is pretty reliable. And, rather annoyingly, after the not inconsiderable effort of hard-wiring my house with CAT-5 and a 10MB switches, it even seems that the new generation of Wi-Fi is faster.
And range is less and less a limiting factor. From my laptop sitting in the lounge, I can see five wireless networks that have almost as strong a signal as my own router than lives on top of the display cabinet in the dining room. OK, so I run it at half power, but I'm only five yards away from it while my nearest neighbor is thirty yards away. And I can even tell where some of them actually are because they insist on transmitting their own name as the SSID. I just hope they are properly secured.
Anyway, where I'm going with this is that - in contrast to Wi-Fi - not much else wireless seems to work as reliably. I read endless articles about how vague and unreliable the latest 3G networks are when using a mobile phone or a dongle; and that many sat-navs seem to spend most of their life trying to find satellites. I bought a radio-controlled wristwatch a couple of years ago, and we have several radio-controlled clocks in our house. Yet, even though we're only 70 miles from one of the major time signal transmitters that's supposed to serve half of Western Europe, updates are sometimes sporadic. I think I've more chance of radio wave radiation burns from it than getting to know the correct time.
But what really got me going was a recent purchase of a wireless weather station. I've been using some old-fashioned tools (such as a wood and brass barometer) and simple indoor weather monitors for a while. However, real outdoor weather measurement has so far tended to involve the more "manual" activity of looking out of the window, or actually going outside. So I expected the complexity of boxes and technology nailed to a post in the garden to be a real improvement over current methods.
Yes there's gubbins to measure the wind, rain, temperature, pressure, humidity; and some other stuff that seems undecipherable (do I need to know what the "evapotranspiration" or "leaf wetness" is?). And it all shows up on a fancy wireless console you keep next to the TV, or on the coffee table as a talking point, as well as being uploadable to a PC. Unfortunately, the only way it would work is with the sensors sitting on the dining room table, or with the wireless console precariously propped in a bush in the garden.
The wireless range is advertised as "up to 100 metres line of sight". Yet, even though it's only fifteen feet away and I can see it through the window, the feeble non-licensed signal can't manage to struggle over that distance to the receiving console. Even with new batteries, the maximum range turned out to be about three feet. Maybe I got a faulty one? I can understand that the signal can't be as powerful as Wi-Fi (it's supposed to run off two AA batteries for a year). But I might as well stand outside with a sprig of seaweed, hold a wet finger in the air, and take off my hat to see what the weather's like.
Talking to the customer care department, it seems that this is a common problem. It's because I live in a Faraday Cage. Modern houses have metal foil on the back of the wall panels, and low-emissivity glass in the windows (which uses a very thin coating of metal oxide to reduce long wave radiated heat loss - I know this 'cos I used to be a double-glazing salesman). So getting a wireless signal in or out is obviously going to be very difficult. They did suggest keeping the batteries warm to maximize the signal strength. Have I bought a weather station that only works in summer? The "ice warning" obviously consists of a blank display.
Strangely, they also suggest that "traditional brick and stone" walls, even very thick ones, cause a lot less signal attenuation. So the solution seems to be either hacking into one of my neighbor's Wi-Fi signals (which obviously isn't aware that it should be blocked by my walls and windows) to see if they know what the weather will be like. Or go and live in a castle.
If any UK-based Internet users noticed that the Web was running a bit slow last Thursday, I apologize. Probably I was partly to blame. I managed to send an extremely large zip file on a four hundred mile round trip just to move it three quarters of an inch. I'm expecting a large invoice from my ISP to arrive any day now.
How did I manage it I hear you ask? And, more likely, why? Well, in my continuing search to be eco-friendly I run a single server that hosts several Hyper-V virtual machines, one of which is my external Web server and another that is my main file store. As I export copies of the VMs regularly, I don't have any other specific mechanism for backing up individual files from the Web server. And, for security reasons, the Web server VM has only a single network connection going to the ADSL router and out onto the Web.
So when I decided to back up just the Web sites, the only option other than reconfiguring the network was to zip them up, drop the zip file temporarily into the Web root folder, and then download it through a browser on the internal network. As the internal network also connects to the same ADSL router though the gateway and firewall server (another VM), the download runs at 100 MBits/sec and doesn't ever have to leave my server cabinet.
Except I forgot about the ramifications of my recent venture into a more resilient connection with the outside world, which involves a cable Internet line and a load-balancing router on the gateway server. The cable line is ten times faster than the ADSL line, so (as you'd expect) the LB router decided to route my request for the zip file out through the cable connection.
Therefore the zip file ended up travelling out from my ADSL router, over the wet string that is the phone line to my local exchange, via kilostream to the BT data centre in Birmingham, across some high speed optical fiber to TeleHouse in London, out west to the NTL data centre in Bristol, through several fiber cables and distribution routers back to the old Nynex Cable centre in Derby, out to the green box at the end of our street, via coax under my front lawn to the cable modem in my server cabinet, and back onto the other hard disk inside the same server as it came from.
I have to admit that I noticed the download seemed to be taking a long time when I came back an hour later at it was still only at 85%. Next time, I promise I'll unplug the cable modem before I start... but isn't amazing what you can do with modern networking technology?
As a full-time 'Softie, I am - of course - a fully converted Binger. However, I occasionally pop across to the competition just to see what graphic they've used for the search engine name, designed to illustrate the particular day of the year. It's an interesting way to keep up with other cultures and see how clever the artists are that create meaningful designs using images that look like letters.
This is, of course, a common way to produce an attractive logo whilst adding a bit of fun to it. But you do need to make sure that you maintain readability. For example, we use this logo for a local site related to feline identification and assistance in locating lost ones. Hopefully, the actual text that is the name of the site is obvious to all.
So, on Christmas day, I popped across to Google to see what they'd done to celebrate the non-denominational gift-giving holiday period (as one of my very pc colleagues described it), and discovered that it said "Grmoi8". Or perhaps it was "GrhelB". Hard to be more precise because - other than the usual letter "G" - the remaining images bore almost no relationship to alphabetic characters.
OK, so I know it's pretty easy to figure what the name of the site is when you get there. Even if you're struggling to decipher the URL in the address box, the fact that it says "Google Search" in big letters on one of the buttons tends to give the game away. Is it that "Google" has become such a well-known household expression (and verb) that they now only need to use the letter "G" to identify themselves?
I tried navigating to http://www.g.com to see if they've decided to abandon the newly non-required letters altogether, but there's no sign of a search engine there. Probably because it resolves to the IP address 184.108.40.206 - an Assigned Numbers Authority reserved address. So I guess there's no point in Microsoft trying to register b.com either.
Of course, one of the annoying things about HTML is that you can't easily tell what fonts the user has installed - which is why CSS accepts standard font identifiers such as "serif" and "monospace" that the browser translates into the appropriate locally-installed font. It would be much easier if you could just specify a font such as those letters that look like cutouts from newspapers, or that have curly bits resembling some Olde English typeface that went wrong in the translation to digital form, and automatically send them down the pipe as GIFs if user didn't already have them. Without needing to install stuff or run some hosted process just to display them.
In my days on the conference circuit I preached the accessibility recommendations (and legal requirements) on many occasions, but I rarely see any support for the more specialist user agents in these kinds of sites. Yet sites such as Amazon, MSDN, and many others seem to have figured how to do it in even the most locked down or non-standard browsers and user agents. I imagined some years ago that we'd nail the "only works with browser X" thing, but it seems even less the case as the years go by.
For example, what's really annoying is that Visa Verify thing that pops up (or often doesn't in IE) just as you get to the end of a Web-based purchase. I've lost track of the number of times I've had to switch to Firefox and go through the whole shopping and checkout process again because the Visa site can't send me a working page. I guess that if our most trusted and respected institutions (?) can't make it work, what chance do the rest of us have?
So we're out of the noughties and into the tens, and I suppose I should decide on some New Year (or, more likely, recycled from the last several years) resolutions. Of course, one of the nice things about being a married man is that you generally don't have to spend a lot of time trying to think of suitable topics to be resolute about. You can usually rely on "the better half" to provide some useful direction in these matters. Suggestions such as losing weight, getting more exercise, giving up smoking, going to bed earlier, and generally increasing the possibility I might live to see old age.
But surely there are some more useful (and easier to keep) resolutions that I can come up with as we traverse into a new decade? Ones that there's at least a sporting chance I can keep until the middle of January? Having spent some inordinate amount of time pondering, I've come up with my own personal list. Feel free to borrow any that fit your lifestyle and situation.