2007-09-11: kadmin-remctl 1.9
To work around the lack of security in iPass (which is otherwise a nice
service), we're giving all users who get to use iPass a separate instance
to use for authentication. Windows RADIUS wants to control access to a
service via an authorization group, and we don't want people to use their
primary accounts, so we need to add iPass instances to a group when they're
created. This release adds the code to do that. Not that generally
applicable to anything else, but it can't hurt, and it's a good example how
to do this sort of thing.
You can get the latest version from the
kadmin-remctl
distribution page.
2007-09-13: Latest haul
It's been completely nuts around here lately, both in terms of the number
of things I have to do and the amount that's going on, so posting here has
gotten short shrift. Hopefully that will change a little, since for the
next of the month I get to focus mostly on finishing the wallet
implementation.
I've finished a bunch of books but haven't been writing reviews. That too
I'm hoping to change soon. I have one finished to edit tomorrow and
another five to write.
I got another Powell's order in, plus I went to the Friends of the Palo
Alto Library book sale last weekend with a friend and picked up a bunch
more for cheap. Here's the results:
Greg Bear -- / (Slant) (sff)
Hanne Blank -- Virgin (nonfiction)
Berkeley Breathed -- Politically, Fashionably, and Aerodynamically
Incorrect (comic strips)
A.S. Byatt -- Possession (mainstream)
Richard Carlson, Ph.D. -- Don't Sweat the Small Stuff... and It's
All Small Stuff (nonfiction)
Juan Cole -- Napoleon's Egypt (nonfiction)
Jerome Groopman, M.D. -- How Doctors Think (nonfiction)
Tony Morrison -- Beloved (mainstream)
Vera Nazarian -- Lords of Rainbow (sff)
Karl Schroeder -- Queen of Candesce (sff)
Jon Stewart -- Naked Pictures of Famous People
(nonfiction)
J.R.R. Tolkien -- Unfinished Tales (sff)
I already had a copy of Unfinished Tales, but I found a hardcover
copy for very little and didn't want to pass that up. I'm slightly annoyed
at the excessively long titles of this batch since I'm going to have to fit
them into my review pages. *heh*
The Palo Alto book sale is a great chance to pick up classics I'm not sure
I'll enjoy, since there's much less investment of money to get them there.
Of course, the real problem is the investment of time.
2007-09-14: The Cognitive Style of PowerPoint
Review: The Cognitive Style of PowerPoint, by Edward R. Tufte
Publisher: Graphics Press
Copyright: September 2003
ISBN: 0-9613921-5-0
Pages: 27
This is more of a pamphlet or an essay than a book, and on the first
reading I didn't write a review of it because of that. But the content is
so notable and excellent and the quality of the printing (thanks to Tufte's
Graphics Press) is so high that I think it warrants a full review. I
believe the content of this essay, at least in one form, is present as a
chapter in Tufte's latest book, Beautiful Evidence.
Tufte has written a series of exceptional and beautifully produced books on
presentation of information: graphs, diagrams, maps, and similar
presentations. His normal style in all of these works is to show and
critique examples, showing both positive and negative ways of presenting
information and sometimes taking a presentation and rewriting it to improve
it. The strongest parts of these books are usually his pointed, trenchant,
and often funny critiques of the worst examples. This essay, composed
almost entirely of the sort of horrible content regularly produced by
PowerPoint, is a delight.
Similar to the analysis of presentations about the Challenger o-rings in
Visual
Explanations, the centerpiece of The Cognitive Style of PowerPoint
is an analysis of the horrible presentation of the problems with the
shuttle Columbia before its disastrous return. Tufte uses this
presentation, done with PowerPoint in the normal bullet outline format that
such slide software encourages, as a compelling example of muddled
thinking, confusing typography, false summaries, hidden information, and
ineffective communication. His analysis is backed up by the final report
of the Columbia Accident Investigation Board, which calls out PowerPoint
specifically:
The Board views the endemic use of PowerPoint briefing slides instead of
technical papers as an illustration of the problematic methods of technical
communication at NASA.
Tufte goes from there to attack the reduction of thinking to bulleted
lists, the PowerPoint graph templates and tables, the low resolution of
projected slides, and the standard methods used for presentations in
businesses and organizations all over the world. He's in fine form here,
pulling no punches. Everyone who has sat through interminable meetings
where bullet points of meaningless buzzwords are slowly dribbled out via
overhead projector will be cheering him on, and he backs up his disgust
with specific examples, concrete suggestions for improvement (mostly around
using higher-density supporting documents like handouts). He also uses
satire quite effectively, including a hilarious rewrite of the Gettysburgh
Address as a PowerPoint presentation by Peter Norvig.
As with all Tufte publications, this is a bit spendy for what you get ($7
for a short, although full-sized, pamphlet from
Graphics Press), but
the paper, printing, layout, color, and production quality are first-rate.
This is a dense example of the analysis that Tufte does best, and while it
doesn't teach on as broad of a front as his books, I recommend it for
anyone who gives presentations or has to listen to them. I don't know if
anything can get rid of PowerPoint culture, but I wish this essay were
universally read.
Rating: 9 out of 10
Permanent
review page
2007-09-18: pam-krb5 3.6
I'm still feeling rather swamped, and fighting off a cold isn't helping
with energy levels, but I'm slowly making progress. I'm on target for
having a first release of the wallet finished around the first of October,
and I'm starting to clear my backlog of pending patches and fixes for the
other packages I maintain.
I tracked down some segfaults we were seeing on Red Hat x86_64 systems with
unknown users and fixed that bug, fixed the two outstanding Debian bugs in
libpam-krb5, and finally added support for prompting the user for a
Kerberos principal to authenticate as, separate from the local account.
That plus some fixes on Solaris and some other bug fixes are in this
release. It's been a long time since the previous release, although the
code is stabilizing.
I'd still like to do a major code cleanup pass and then add a test suite,
but that's going to be hard, particularly the latter. Not sure when I'm
going to have time.
You can get the latest version from the
pam-krb5 distribution
page.
2007-09-18: spin 1.65
Another spin user reported that spin would output blank lines at the start
of the XHTML file if \heading was preceded by other commands that didn't
produce output, such as \id, and didn't start its own paragraph. In the
process, I fixed another long-standing whitespace bug that had been
bothering me and producing empty paragraphs in my book reviews by making
spin smarter about ignoring whitespace at the beginning of multiparagraph
arguments.
You can get the latest version from my
web tools distribution
page.
2007-09-19: Undertow
Review: Undertow, by Elizabeth Bear
Publisher: Bantam
Copyright: August 2007
ISBN: 0-553-58905-4
Pages: 332
Greene's World is a colony world far from the Core, a watery, marshy world
with a native species with a low level of technology. Humans have mining
outposts and a city of ships that can scatter before the periodic
hurricanes. They have communication with the Core worlds through connex, a
network that can pass information and various objects but not living
creatures. There's trade, but the colonists are here to stay unless
they're willing to absorb a huge time gap from relativistic travel back to
the Core. That makes Greene's World a good place to hide. It also means
that the trade company that settled and exploits it can rule with little
resistance.
Undertow is a frontier story, featuring a mix of unsavory characters
and people with a hidden past and set in a background of colonial
exploitation. The ranids are used as slave labor, abused, beaten up, and
treated like animals. Several of the main characters are involved with a
resistance movement, one that the others discover and are pulled into as
the story unfolds. And the mining and drilling the company is doing turns
out to be for much higher stakes than is at first apparent.
The two primary twists of this story are the ranid race and a
probability-based magic system with some hand-waving explanations in
quantum mechanics. The latter isn't hard SF by any stretch: conjurers can
modify probabilities and essentially bring good or bad luck to those they
chose or cause unlikely accidents to happen. It functions in the book as a
sort of native knowledge. But it's not entirely anti-technological and
Bear weaves it into the technology that allows universe-spanning
communications. Unfortunately, the quantum mechanics link leads to a
climax featuring bifurcation of worlds that I found confusing and less than
satisfying, but it otherwise is a fun magic system that doesn't overpower
the technology. I like powers that are unreliable, subtle, and play with
the heads of the characters.
The better twist is the ranids. Bear does a good job with alien design,
giving us scenes from the ranid viewpoint and scenes where the same actions
have very different meanings to the ranids and the humans. The touches of
detail — a protective mucous layer, life in lukewarm water, the smell
and taste of different regions, and the importance of touch and eye contact
— helped me get into their mindset and play with the world as they
view it. The ranid link to conjuring and probabilities was a bit less
satisfying but it fit well with ranid culture. I liked the culture built
around stories and around travel. This is a solid alien portrayal that
avoids many standard traps (including some around human/alien
communication, which I think Bear dealt with well).
Otherwise, we have the normal Bear cast of people with past damage, people
reinventing themselves, and people making mistakes and living with the
consequences, stuck a mix of networked living, frontier problems, and some
political commentary on colonialism (although the correct side in that
fight is mostly taken for granted). There's an eerie (if accidental)
similarity to
Spin
State, but while Moriarty's society reminded me of US coal miners, Bear's
reminds me of indigenous Central and South Americans being exploited by
European and US mining companies. It's a similar background, but Bear's
material deals more with the us versus them edge and sharp differences in
technological capability. I liked how the background of injustice didn't
overwhelm. It's not unimportant, but it lets a plot run on top, avoids
lots of infodumping, and shows a more practical reaction than frothing
outrage.
I really liked most of this book. Cricket in particular is a great
character. André I didn't warm to as much, but I appreciate a
protagonist who isn't a noble hero, or even a likable scoundrel, but really
is a self-centered opportunist who still has a streak of peculiar ethics.
The climax and ending, though, didn't do as much for me. I felt like the
political background was a touch too thin and a little too unexplained to
hold the weight of the plot, and I could have done with a bit more
explanation of the probability fallout and conclusion.
Bear's books keep almost but not quite reaching exceptional for me. Each
new book I open hoping this will be the one that makes that quantum leap,
but it hasn't quite happened yet. Undertow is good, solid
entertainment, not quite as good as
Carnival,
but still well worth reading. I'm convinced, though, that Bear's
eventually going to write a book I can't stop raving about.
Rating: 7 out of 10
Permanent
review page
2007-09-29: pam-krb5 3.7
I'm working way too many hours lately and I'm still not getting done
everything I want to get done. It's kind of a problem. And this wasn't
even at the top of the priority list; someone just happened to send me a
bug report, I fixed it, I decided that fixing another bug report would be
easy, and four hours later, I ended up releasing a new version.
This cleans up a lot of random stuff. If a keytab is given for credential
verification, it uses the first principal found in that keytab for the
verification. I have no idea why the Kerberos library doesn't do this
automatically; not doing so is stupid. It also fixes the behavior when
stacking the module together multiple times with different realms, uses a
saner name for its PAM data, doesn't store PAM data if there's no ticket
cache, and should be more thread-safe when running under Linux PAM. I also
biffed the configure flags determination in the last release, and this
fixes that plus pulls from pam-afs-session the compilation rules for
various other platforms.
You can get the latest version from the
pam-krb5 distribution
page.
2007-09-30: pam-afs-session 1.5
While I'm working on PAM modules, I may as well update both of them.
Just a collection of minor fixes here, including some memory leaks that I
tracked down this evening and a NULL pointer dereference after memory
allocation that a user reported. This module seems happily quite stable at
this point.
You can get the latest version from the
pam-afs-session
distribution page.
2007-09-30: pam-krb5 3.8
It's always right after I finally do a release that someone reports a major
bug that's been there for several releases.
It turns out that the new credential option allocation function introduced
with PKINIT doesn't initialize the returned option struct and you're still
expected to call _init. Weird. The result was that, when built against a
sufficiently new version of Kerberos, users with expired passwords would no
longer be prompted to change them and instead just wouldn't be able to log
in.
While I was fixing that, I also cranked up the warnings and included some
build system fixes that missed the last release.
You can get the latest version from the
pam-krb5 distribution
page.
All posts