LinLog

After having it for around three years, I finally got an expansion card for my MP3 player yesterday. Now it has triple the capacity.

As you may already know, I have a 128MB MPIO FL100 player. It comes with a Secure Digital (SD) card expansion slot. Up until recently, I was too cheap to buy a card to put in it, but while shopping in Target (I love Target), I saw some 256MB Lexar SD cards in the checkout lane. They were only $15 and I had just been thinking about finally getting one, so I couldn't really pass it up.

Unfortunately, the Linux software that I use to access the player (no, it does not work as a USB mass storage device) doesn't support the expansion card for my model. However, there is a simple solution: just use a standard card reader. I was able to copy MP3s onto the card and they were picked up when I inserted it into the player. Yay!

The only problem with this method is that the only SD card reader I have is in my printer, an HP PhotoSmart 7760. It does work, but not as well as I might hope. In addition to being a bit slow, HAL doesn't seem to detect it. The system seems to register the card insert, but no new device node is created. It just uses /dev/sdb, which is created when the system starts up. I'm not sure if that's normal or not, but it is slightly annoying.

But at least everything works. That's really all that's important. Maybe at some point I'll take a look at the code for the MPIO software and see if I can get the external card access working. At the very least, I should look at the KDE-based GUI. It's very non-standard and not particularly easy to use.

I was reading a thread on e-mail and spam over at Tek-Tips the other day, and several of the posters recommended e-mail obfuscation as a method for avoiding spam. For example, listing your address as "bob AT foo DOT com" or "johnATgmailNOSPAM.com" instead of the actual address. This sort of thing is everywhere now, and has been for several years.

My question is: why are people still doing this? Does it actually still work? I mean, is there any actual evidence that obfuscating your e-mail addresses is an effective way to combat spam? Or is it just that it used to work years ago and nobody has bothered to re-evaluate method?

I've read studies in the past that indicated this was effective, but nothing recently. For example, about three years ago I read a paper that found entity and/or URL encoding your address worked very well, e.g. the letter "A" would become A in the text and %41 in the clickable link.

But that was years ago. And while the spammers may be subhuman dirt-bags, they're not stupid or lazy. I find it impossible to believe that the people writing address harvesters have just been sitting on their thumbs for the past three years. These obfuscation methods have been in wide circulation for some time, so they must have accounted for them by now.

And when you think about it, it's not even really that hard. For example, converting URL and entity encoding to plain text is a simple matter for anyone with a Python/Perl/whatever interpreter and a chart of the relevant character set. Likewise, accounting for simple obfuscations like the ones I mentioned earlier is well within the abilities of any competent programmer. A talented programmer could do it in an afternoon with a few well-placed regular expressions.

The futility of obfuscation becomes much clearer when you consider that the address harvesters don't necessarily care that much about the quality of the addresses they collect. Sure, high-quality, known-good addresses are more valuable, but the low-quality, probably invalid ones can still be sold for a few pennies per thousands. And since many (if not most) spammers are using botnets to do their dirty work - stealing the bandwidth they use to send spam - they aren't hurt much by having a bunch of bogus addresses in their lists. Why not just try a few variations on any potentially obfuscated addresses just in case you get lucky?

Pretty much the only obfuscation methods I've seen that seem to be effective are putting the address in an image and using some convoluted JavaScript to disguise the e-mail address, but still make the mailto link function normally. The problem with these approaches is that they're extremely annoying and inaccessible to people with disabilities. They also don't offer any guarantees. Image recognition software is getting better and there's nothing to stop the harvesters from implementing JavaScript interpreters, so while both techniques may work now, it seems they're living on borrowed time.

It seems to me that the whole thing is just an ill-conceived battle to maintain the old way of doing things. If you're really that concerned about your e-mail address being harvested on a web site, then just don't display it on the site at all. Just use a PHP form mailer, or something. They're not hard to set up and they offer complete protection because your e-mail address doesn't have to appear on the page in any way, shape, or form. They also have the advantage of being completely accessible to users with visual impairments or who, for whatever reason, can't use JavaScript.

So, in conclusion, please don't obfuscate your e-mail address. It's really annoying, sometimes inaccessible, and there's no evidence that it still works but plenty of reason to suspect it doesn't.

Well, I can finally stop complaining about my crappy network connection. It got really bad last weekend, so on Monday I finally called Time Warner to complain.

The good news is that they got a tech out here the next day. The bad news was that, as usual, the "appointment" was for sometime between noon and 5PM. The even worse news was that shortly after the tech left, the service went out again.

So, after another call, I ended up going down to the Time Warner office to trade in my six-year-old cable modem for a newer one. This seemed to fix the problem.

However, it seems that the frequent service outages played havoc with KMail. At least, I'm guessing that's what caused the problem. All I know is that, despite having KMail up and running the whole time, I didn't get any e-mail between Monday and Friday. On Friday, I logged out and logged back in later, only to discover messages from Tuesday in my inbox.

I don't know what happened there. I never saw any error messages, even when I manually checked my mail. It just silently failed. Apparently closing KMail fixed the problem, but it's still really annoying - especially since one of the messages from Tuesday was important.

Does anybody know how to change the network adapter that VMware Player bridges to?

I haven't used VMware in a while, but when I fired it up the other day, the network bridging just plain didn't work. This struck me as weird, because it used to work.

After some futile web searches, I eventually grepped around /proc and discovered /proc/vmnet/bridge0, which indicated that the network bridge was going to eth0. This explained the lack of connectivity, as eth0 is my unplugged ethernet card. I wanted it to go to ra0, my WiFi card. However, rerunning vmware-config-network.pl didn't seem to do anything. In fact, I couldn't even get it to ask me what device to use.

I could be way off track here, but I suspect this has something to do with the fact that I'm using the pre-built VMware kernel modules from the Ubuntu repositories. I almost think the device to bridge to is configured at compile time and built directly into the modules. If that's the case, that kind of sucks.

At least the NAT networking is fine, so at least I've got something. On the down side, it's a little inconvenient. Since VMware Player doesn't have shared directory support, I need to go through the network to access my file shares. Accessing the localhost from a NATed VM doesn't work so well. I can still mount my local shares on a remote host and go through a share on that host to get the data, but that's, er, just this side of crazy.

Yay, I can blog again! I was going to post something when I got home, but Time Warner's internet service has been completely unreliable for the last few weeks. It's like having dial-up, but more expensive. I'm going to have to call anc complain, because it's just getting ridiculous.

On a different note, I spent way too much time trying to install my new SATA hard drive last night. I ordered it from NewEgg earlier this week, along with a 1GB flash drive. I thought it would be a quick, painless installation. Just plug the drive into the integrated SATA controller on my motherboard, hook it up with th epower cord adapter, and I'm good to go. Little did I know....

After hooking up the drive, my system wouldn't boot. Heck, it wouldn't even finish detecting the available IDE devices. Even the memory test slowed down to a crawl. It made no sense. I tried fiddling with everything I could think of in the BIOS, but nothing helped.

The breakthrough came when, in desparation, I decided to try out the jumpers on the drive. Initially, I made the really stupid mistake of actually believing the label on the drive that said no jumpers were required. I guess the guys at the hard drive plant were in the mood for a practical joke that day. Anyway, after I set the jumper for 150MB/s only mode, everything worked perfectly.

In other news, I spent half a day at work last week configuring wireless modems for police data terminals. Why they need a Systems Analyst at pay grade 15 (for reference, the assistant IT director is a grade 17) to do boring, repetitive hardware configuration, I don't know. Well, actually I do know, but it would be unprofessional to say. At any rate, all you need to know is that it's boring, repetitive, and time-consuming. Sadly, I didn't know I'd be working on them that day, or I'd at least have brought my MP3 player.