Terminally Incoherent

I talked to several people lately who expressed interest in BioShock. I told them straight up: no matter what you do, don’t buy that shit. If you do, you will just get brutally fucked up the ass by SecuRom, online activation and the 57 million of other DRM features that 2kgames decided to put in it. If you download it on the other hand you get a safe copy that includes no rootkit, and will still work 20 years from now when 2kgames no longer exist, and you for some reason are in a mood to play the old abandonware shit.

I usually don’t advocate copyright infringement here but I can’t in good conscience recommend to anyone paying money for software that will fuck up their system. We live in a seriously fucked up day and age where the legal software contains very shady, very dangerous mallware.

Especially since the DRM has no effect on the file sharing at all. BioShock was cracked in 11 days. Was the revenue gained during these 11 days worth the bad PR, alienating thousands of customers who paid for the game but were not able to play it without uninstalling crucial tools like debuggers and process monitor they use for their real life work every day?

I’m not playing BioShock - I’m boycotting that game because of the DRM. But I got fucked by this kind of DRM some time ago when my brother bought me Brothers in Arms: Earned in Blood which contains Starforce - an evil piece of shit that destroys your optical drives. So I have that game - it’s a legal copy, I have the box and set of CD’s but I can’t fucking play it. Or rather I can, but not without risking damage to my optical drives and rendering my system unstable.

But, if I downloaded the game, it comes with a crack that removes Starforce. Same goes for BioShock and SecuRom - if you download it, you get the game without the dangerous components. Anyone who is passionate about the game, and has half a brain will opt to download rather than buy games that are protected this way. The only people who buy them are those who don’t know about the rootkits, or are to clueless to understand what they do.

If you are a game publisher, do the math - implementing DRM the rootkit way will:

1. possibly increase sales in first week or two (not guaranteed though - people who were planning to download it will just hold off and wait anyway)
2. cause massive backlash from loyal fans
3. cause loss of customers who will never buy your products again
4. very, very bad PR in independent online forums
5. mainstream gaming media may pick up the story after the massive outrage in independent media
6. you become infamous in security industry. IT people across the globe hate you giving you more bad PR outside the gaming circles
7. possible class action lawsuits
8. sharp decline in sales caused by the rootkit news reaching more and more people
9. loyal fans who were backbone of your customer base boycot your products or turn to illegal downloads

Is it worth it? Personally I don’t think any DRM is worth the diminished customer experience. There is just no trade off here. You shit on your customers as if they were thieves and in exchange you get… 11 days - if you are lucky. It makes no sense.

No matter what kind of business you run, the golden rule always was “customer is always right”. Somehow music, movie and PC gaming companies decided that “customer is a filthy thief that must be punished” is a reasonable alternative. How long can you run your business the Soup Natzi style?

This extends beyond gaming. Every time you put a piece of DRM on your product you are essentially making it less marketable and less valuable than the cracked copy available on just about every torrent site out there. People want to rip their CD’s to mp3 files. If you prohibit this via DRM they will just download the mp3’s they want. And next time they will remember that you sell crippled CD’s so they will just hit up P2P instead of the record store.

The same argument is now becoming more and more valid for video as well. More and more people own video ipods, smart phones or other hand-held devices which have massive storage space and are capable of displaying video. Why should we be forced to buy movies in 5 different formats to be able to play them on all the different devices that you own? You download once, and then you just use the same copy on all the different portable players - this is what consumers want. And yet, movie studios consider such behavior reprehensible.

All these people lock down their products in ways that makes them either unusable, or actually dangerous to use and then complain that people prefer the unlocked, un-encumbered and inherently safer copies, that also incidentally can be downloaded for free. You have to remember that some people will never pay for your products. If they can’t download it, they will simply ignore it. When you use DRM you are simply alienating the rest of the people - those who were willing to give you money, but now they don’t because they can get a a copy that is of much better quality for free online.

I’m amazed how few people understand this simple dynamic.

I’ve been getting hit by hot linking pretty hard lately. If the site has been slow and unresponsive lately, it might have been because of that. Apparently someone has been using some of the images hosted here in their post signature on some very active forums resulting in almost an unintentional mini DDOS. Thanks fuckers. My bandwidth is still fine, and I don’t owe any overcharges. In fact, this didn’t even put a big dent in my bandwidth allowance. But it does put a strain on the server for absolutely no reason.

Quick run through the logs revealed that images from my site were used on at least 5 or 6 different forums, and at least 3 Myspace profiles and several live journals. I would just want to ask, WHAT THE FUCK ARE YOU PEOPLE THINKING? Are you retarded? Did you just get internet yesterday? I mean, what the fuck?

Think about it - you are hotlinking to a picture that sits on a server maintained by some dude you don’t even know. What stops me from swapping the file you just linked with say tubgirl, lemonparty, goatse or perhaps some nasty mashup of the three? I mean, other than common decency. If I was a real jackass, it would take me two clicks of a mouse to put a really, really vile, disgusting images in your signature or on your myspace profile.

Oh, and if I’m extra nasty I might just shoot an abuse complaint to myspace staff and say you are posting vile pr0n. Which you technically would be if I swapped around some images. From what I heard they delete accounts first, and ask questions second. Same goes for LJ.

So you really are putting your good name, and the integrity of your account on a given forum or social network in someone else’s hands. This is not a good position to put yourself into. One day you will piss off a guy that is a much bigger dick than I am, and you might likely get banned or loose your account on a given network.

The ironic thing is that I really don’t have any original images on this site. What you people are linking to are usually cropped, resized low quality copies of original work that can be fund elsewhere. But I guess anyone lazy enough to hotlink, is to lazy to click on a link and go to the source. Sigh…

Because of this I decided to disable hotlinking from outside domains. I’m using the following .htaccess file i my uploads directory:

RewriteEngine On
RewriteCond %{HTTP_REFERER} !^http://(www\.)?terminally-incoherent\.com/ [NC]
RewriteCond %{HTTP_REFERER} !bloglines\.com [NC]
RewriteCond %{HTTP_REFERER} !google\. [NC]
RewriteCond %{HTTP_REFERER} !search\?q=cache [NC]
RewriteCond %{HTTP_REFERER} !^http://babel.altavista.com/.*(www\.)?terminally-incoherent\.com [NC]
RewriteCond %{HTTP_REFERER} !^http://[^./]*\.talkr\.com [NC]
RewriteCond %{HTTP_REFERER} !^$
RewriteRule \.(jpe?g|gif|png)$ - [F]

What this means is that you can still access images directly, and and that google, bloglines and some other services will still have access. You will still be able to see the images embedded in RSS feed from within your online reader as before. Everyone else will get a nice 403 Forbidden error. I could silently redirect hotlinked images to use Coral Cache, but you know what - I don’t care anymore. Fuck it. Stupid people can deal with broken image tags. Smart people already coralized it or uploaded it somewhere else. This way I loose minimal amount of bandwidth, and spend as little time possible responding to your request.

Btw, if you are using an online RSS reader that is not on my list please let me know what it is in the comments and I’ll add it to the exception list.

Also, if you do feel the need to link directly to an image hosted here you will now need to use ImgRed. How does it work? It’s simple - simply slap http://imgred.com/ in front of the image URL. That’s all you need to do - the image will get cashed on ImgRed servers which takes a load of my page, and still lets you share the image without the hassle of uploading it to another service. You can also use Coral Cache as mentioned before. Both work equally well.

You notice that neither of the caching mechanisms are on my exception list. They don’t have to be. They were designed to work around this. So use them.

The other day I saw this:

author unknown

I decided we need to have a showdown. Which is your favorite movement key combination for gaming and/or text editing?

While we are at it, here is something that kinda bothers me. Do left handed gamers still use WASD? It would seem kinda uncomfortable to have both hands all the way on the left side of the keyboard, and have the wrong hand operating the keys (cause even if you are left handed, your left hand still works the keys left of the home row). Any left handed gamers who read this blog?

Do you guys re-map the keys to something else, learn how to use WASD with your right hand, or do you learn to use mouse in your right hand when you play games? Also, if you use the mouse with your left hand, do you usually swap the keys so that you have the RMB equivalent under the index finger?

It got me thinking because a lot of games don’t even offer this option which kinda sucks from the accessibility point of view.

As remote protocols go VNC is usually considered the standard because it is open, popular and relatively easy to work with. There are dozens of free and commercial implementations of the protocol, and even products like my favorite CrossLoop use it. But, truth be told, VNC is not great. If you want speed and quality, you ought to look somewhere else.

In the past I mentioned that the RDP protocol (also known as the Remote Desktop) for Windows just can’t be beat. When given a choice between VNC and RDP to work on a remote windows box, I will always choose the later. Yes, it is proprietary, but it is just serves my needs better. VNC is more geared towards remote support because both the local and remote users usually share the same desktop session. RDP on the other hand utilizes Windows Terminal Services letting you work in your private instance. And on top of that it’s much faster, and even over a slow internet link you can use the machine without huge delays or visual artifacts.

What about linux? If you want this type of service and performance, you have to look at another proprietary product. I’m talking about nx protocol by NoMachine. However unlike RDP, the core libraries for NX are released under GPL and NoMachine does distribute free binaries for most modern systems.

How do you set up a NX server? It’s as easy as downloading and installing 3 deb packages. Note that you need all three. The node depends on the client, and the server depends on the node. Go figure. Here is how I got it working under Feisty:

wget http://64.34.161.181/download/3.0.0/Linux/nxclient_3.0.0-78_i386.deb
wget http://64.34.161.181/download/3.0.0/Linux/nxnode_3.0.0-83_i386.deb
wget http://64.34.161.181/download/3.0.0/Linux/FE/nxserver_3.0.0-69_i386.deb
sudo dpkg -i nxclient_3.0.0-78_i386.deb
sudo dpkg -i nxnode_3.0.0-83_i386.deb
sudo dpkg -i nxserver_3.0.0-69_i386.deb

I had no major issues installing the 3.0 release, although it did complain about my CUPS configuration, or rather lack of thereof. I didn’t really care. Results? Here is a screeshot of my Ubuntulite inside a NXClient running on Windows XP:

And yes, it is the same Ubuntulite installation I put on my poor “senior citizen” rickety old spare laptop few days ago. Which just goes to show that the NXServer works great even on a tad flaky, 0.5 beta release of Ubuntulite.

The speed is comparable to what you get when using with RDP on windows, and so is the quality of the image. It’s crisp and refreshes very fast. It also beats normal X-forwarding when you are connecting from windows because the NX client much smaller than installing full blown X under cygwin, and free as opposed to something like XWin32. It also lets you view the whole desktop as if you were sitting at it as opposed to launching all your apps from withing xterms

Caveat emptor: by default the NX protocol uses ssh for routing it’s connections. Thus you have to make sure you have openssh-server package installed on your system. The NoMachie binaries will install just fine without it, but you won’t be able to establish a remote connection unless you install it. The upside of this is that all your communication between you and your remote machine is encrypted “out-of-the-box”. This is usually not the case with VNC, and never the case with RDP.

Definitely give it a whirl especially if you have a headless linux box somewhere and you would like to have an easier way of interacting with it than just plain ssh, without trading off security.

Google cracks me up sometimes. Sometimes their ads are right on the money - relevant to the topic that it’s scary. The other times… Well, see for yourself.

I found this one in a post about the Google Reader:

This one was in a post about Remote Desktop and VNC:

This was in a post on Perl scripting:

If these would show up on some of my review posts, or ones with jokes or random shit in them I would not bat an eyelash. But these were on fairly focused posts related to technology. I don’t think either one of them even mentioned parenting, love or animation… Is Google trying to tell me something here?

Find love, make children, watch animation. OMG, what if Google became sentient, and now is secretly trying to convince us to breed more using subliminal messages? I mean, someone has to build and maintain it’s servers so I can see how it would be concerned with the birth rates and such. For one, I welcome our Googly overlords.

Then again, maybe Google Adsense AI is still to stupid to parse my incoherent ramblings here.

Random linux tip - if you don’t feel like dealing with the regular KDE or Gnome based applications or mechanisms for taking snapshots of your screen, there is a simpler and quicker way. You can do it directly from the console:

import -window root screenshot.png

Of course screenshot.png is the filename you want to assign to your screenshot. It’s quick and easy, and can be triggered at any time. You can even put it into a script, or run a cron job that will take a snapshot of your current workspace at certain time interval.

The command above takes a snapshot of the whole desktop. If you want to just grab a rectangular region, skip the window parameter:

import screenshot.png

You cursor should change into a cross, and allow you to draw a rectangle over the desired area and save it as the file name you specify.

Note that you will need to have the imagemagick package installed. On ubuntu do:

aptitude install imagemagick

Make sure you have universe enabled in your apt sources.

I love Google Reader. Especially now, after they added the long lost search feature and taught it to count to a thousand. It is awesomer (yes, awesomer is a word, and if you don’t like that GTFO) than ever, but I still have a serious complaint about it’s functionality. This has been bothering me since I started using it, and I was always hoping they will eventually fix it. I think it’s time to speak up. The Google Reader subscription mechanism is retarded.

Let me say it this way - when I was using Bloglines the subscription bookmarklet would take me to a page which would let me preview the feed, and apply appropriate labels to it before I actually subscribed. It was easy, it was clean and it was informative.

The Google Reader bookmarklet leads you to this uninformative page:

This is especially annoying if you have Firefox set to automatically subscribe with the Reader, and you click on a RSS link while, for example, browsing some google search results. You click on a link and you get taken to this page.

Can you preview the feed? Not unless you subscribe. All the information you get from Google is the title of the feed, and some huge ass buttons that let me choose if you want to add it to your Google Reader or Google Homepage. The buttons and screenshots are the main focus, while the actual feed info is sitting in the corner, out of the way in a small font. Who designed this page? Google is usually known for good UI design, but this is ridiculous. I’ve been silently dealing with this crap for the longest time hoping they will fix it one day. But no, they insist on pushing their “home page” service on me.

Here is the thing - I do not use a home page. Who the hell uses a “home page” in the year two thousand and fucking seven? A home page is something that my grandmother uses. Unless you are still using that remote trojan exploit vector called Internet Exploder you have no business using a “home page”. Sessions are where it’s at right now. You open the browser and pick up right where you left off. Who wants to see the generic “Googel” page instead of useful set of tabs relevant to your last session? Other than my grandmother that is.

But I digress. I do not use Google Homepage and I’m sure I’m not alone here. So why does Google insist on offering me that option every time I try to subscribe? I just want to put this RSS feed in my Google Reader. Would it really be that hard to offer separate bookmarklet for the homepage and for the reader?

This way, they could offer a more useful subscription screen when if you randomly arrive at a RSS feed. Perhaps something more like the default Firefox subscription page:

This page is much better - it has a preview of the feed content and all the relevant information. All it lacks is a little drop down menu that would let you to tag your feed right there and then.

So how about it Google? Can you do this? Can you make a good subscription page for us, Google Reader users? Or should we just go back to Bloglines. I hear they implemented a nice brand new Ajax interface that is as good, if not better than yours. Make it happen!

Since documenting various email scams such as the UK National Lottery Scam, and the Lady Rita Mosley Scam turned out to be really helpful to so many people, I decided to tackle another spam that appeared in my mailbox recently. It’s the “Part Time Job Offer” thing that you may or may not heard of. Here is the lovely email I found:

Dear Sir/Ma,

I am Raphael Smith; we are Aloevera Company looking for a representative to represent the company. We have sales representatives all over the world to distribute our products. You know, that it’s not easy to start a business in a new market (being the USA). WE ARE BASED IN UK, BUT WE HAVE BEEN RECEIVING ORDERS FROM NORTHERN AMERICA. There are hundreds of ompetitors, close direct contacts between suppliers and customers and other difficulties, which impede our sales promotion.

We have decided to deliver the products upfront, it’s very risky but it should push up sales on 25 percent. Thus we need to get payments for our products as soon as possible. Unfortunately we are unable to open Bank Accounts in the United US without first registering the company name.

Let me interject here for a second. How hard is it to register a company in US? Can’t be that hard, can it? I mean, think about it: if companies like allofmp3.com were able to sell to US customers despite shaky legality of their operation, then why would it be so hard for a hand cream company to do the same? Oh, yeah - cause it’s a scam. I forgot. Carry on.

Presently with the amount of Orders we have, we cannot put them on hold. For fear of loosing the customers out rightly. Secondly we cannot cash these payments from the US soon enough, as international Checks take about 14 working days for cash to be made available. We lose about 100,000 USD of net income each month because we have money transfer delays. Your task as a
representative of the company is to coordinate payments from customers and help us with the payment process. You are not involved in any sales.

Wait… Out rightly? I think you are looking for “outright” but that would still not make much sense.

Once orders are received and sorted we deliver the product to a customer (usually through UPS).The customer receives and inspects the products. After this has been done the customer has to pay for the products. About 90 percent of our customers prefer to pay through Certified Checks and Money orders drawn from the United States based on the amount involved. We have decided to open this new job position for solving this problem.

Your tasks are;

1. Receive payment from Customers
2. Cash Payment at your Bank or any cashing facilities near you.
3. Deduct 10% which will be your percentage/pay on Payment processed
4. Forward balance after deduction of percentage/pay to any of the offices you will be contacted to send payment to. This is done either through western union money transfer or Moneygram.This job takes only 3-7 hours per week.

You’ll have a lot of free time doing another job; you’ll get good income and regular job. But this job is very challenging and you should understand it. We are looking only for the worker who satisfies our requirements and will be an earnest assistant. We are glad to offer this job position to you. Interested in the position, kindly email back with the following details of yours:

NAME to be written on Checks or Money Orders………………………..
ADDRESS (This should be a physical address or post office addresses. where You can receive the payment sent via regular mail from the united state) CITY—————
STATE—————
ZIP CODE—————
COUNTRY—————
PHONE NUMBER (S) ———-Contact Telephone Number
(This is important Because a representative of the company will need to give you a call directly)
GENDER—————
MARITAL STATUS—————
AGE—————
NATIONALITY—————
EMAIL ADDRESS-

Urgent Attention is Imperative.

Reply your full address (dont click reply just copy this email) send reply to: aloevera_plc_raphael02@yahoo.co.uk

Regards,
Raphael Smith.
Manager
+447011135972

Sounds good eh? All you have to do is to cash some checks and wire the money overseas few times a week and you get a hefty percentage. What could go wrong? Other than spending some quality time in the federal-pound-me-in-the-ass-prison that is. Yes, boys and girls - if you take one of these “part time jobs” you are essentially laundering dirty money on behalf of your “employer”.

The checks and money orders you cash are usually earned via fraudulent Ebay auctions, illicit transfers and etc. When the person who was defrauded catches on and calls the police, the money trail will lead them directly to you. And guess who is going to get stuck with the bill?

Do not respond to these emails, and most importantly do not agree to transfer anything for anyone. In the best case scenario, you will get scammed in a classic 419 way. In the worst case, you will become an accessory to a crime and you may not only end up in debt but also suffer legal repercussions.

Some further reading:

• Payment Transfer Job explained in detail at Hoax-Slayer
• How to avoid Online Job Scams tips for job seekers.
• List of known Job Offer Spam emails - and some tips on how to avoid them
• Good blog post on this topic by a security consultant Debra Radcliff

If you got implicated in one of those things, stop everything call your Lawyer, and then call your Bank and the Police. Note that ignorance is hardly ever an excuse in our legal system, so you will likely be liable for all the transfers you already made.

This has been a public service announcement for the benefit of mentally handicapped people who fall for these scams.

Here is a question - does anyone still think Dane Cook is funny? Back in the day, when he relied mostly on very physical humor, an over the top persona and stolen jokes he was kinda amusing. I wasn’t impressed with his recent stand up specials, and his last movie was so atrocious that I heard it being described as “more effective than water boarding and sleep deprivation”. Despite this, I went to see his new movie - don’t ask me why.

Funny thing - according to IMDB Alba’s role was actually offered to Jennifer Love Hewitt who turned it down which is not very surprising judging from the end result. Though you have to wonder if the film would turn out any better if at least one of the leading actors could act just a little bit. Then again, Hewitt presently does absolutely nothing for me. She was hot in her “I Know What You Did Last Summer” period but I saw her in some of the more recent movies and she is… kinda odd looking. Alba on the other hand - still has it.

I found my new favorite website: tvtropes.org. If you like watching TV, movies, anime or comic books and you enjoy discussion plot devices and storytelling techniques they use don’t click that link, unless you have few spare hours. It will eat up hours upon hours of your time, in a classic wikipedia browsing scenario - “I’ll just look up this one term here, and I’ll stop!”. Oh and it will ruin your life forever.

The aim of that website seems to be listing, listing, categorizing, naming and explaining every single cliché moment, plot device and/or mechanic ever used on TV, in the movies, anime, comic books, literature and other media. Just to give you some examples, these range from the much hated All Just a Dream (don’t you just hate that one?), or the typical Karmic Death of a villain. It also explains peculiar character types ranging from the classic Adventurer Archaeologist (cue in Indians Jones, Lara Croft and hundreds of others) to the more obscure, but not really less prevalent Faux Action Girl - a female character who is said to posses some serious ass kicking skills by virtue or superpowers or intense combat training but never shows it, spends most time being kidnapped by the bad guys and must constantly be rescued by the male lead.

And who can forget such classics as A-Team Firing, the Imperial Stormtrooper Aim or the Dramatic Gun Cock. My personal favorite trope is probably the Enhance Button beautifully illustrated by this Bigger than Cheeses comic:

I spend last few days catching myself reading the TV Tropes wiki at various times. And every single time it turns into a click-feast 5 or 6 new tabs getting opened in the background for each page I read. These things are serioulsy like building blocks. You can take any given show, movie or story and carefully de-construct it by identifying it’s components on the TV Tropes index until nothing is left. I’m planning to link the hell out of this page during my future movie and anime reviews.

In addition to all of the above, the page can serve as a great list of entertainment titles to avoid or check out. Each trope or plot device comes with a list of examples which either use it or subvert it by putting a twist on it. The works that are perpetually listed under the silly, laughable and cliché tropes are probably total rubbish. Ones that subvert them in clever ways, might be something to put on your “to watch/read” list. Oh, and they are very good with spoilers blanking them out, and giving you a fair warning every time.