It’s not a big secret that I’m no fan of DRM. The abbreviation actually stands for Digital Rights Management,
but perhaps more appropriate definitions are Digital Restrictions
Management, The Devil’s Restricting Machinations, or Digital Screw the
Consumers Until the Cows Come Home.

DRM was originally intended to stop people from pirating content and
distribute it over the Internet. Unfortunately, this is completely
ineffective and does nothing except piss off the legitimate customers.
No one, with the exception of the fat cats, likes DRM. I’ll give you
the perfect example.

This Tuesday, I went to Best Buy to get the latest CD from 30 Second to Mars; A Beautiful Lie. Jared Leto‘s
little band seems to have quite a cult following considering that the
first one store that I went to was completely sold out and I had to go
to a second one (I was gonna order it from Amazon, but I couldn’t pass
up the 7.99 sticker price).

Once I got the CD, I noticed something sinister on the package; a
little copy protected symbol that referred to the back of the CD to
read the details of these “features”. Turning the CD over, it was
clearly marked that it would only work on a Mac or a Windows computer
(sorry Linux), you could only burn it 3 times, and you couldn’t
transfer it to an iPod (only a WMA portable device).

I bought the CD anyway all the while wondering if it would really stop me from playing the music that I purchased on the devices of my
choosing. I soon found out, the answer is yes and no. The CD comes with
it’s own version of Windows Media Player and on a Windows PC, plays
DRM’d Windows Media Files. I found it impossible to crack the DRM on
the hidden .wma files on the CD but there is a way to rip the tracks to
mp3 and therefore iTunes and a non-WMA portable media player (my hats off to a fellow on the Internet for showing me the way).

Now, I could post the secret of my success on my blog, but I have a feeling that if the jailers of our fair use rights got wind of it, I would get hit with cease and desist citing the other tool of the devil, the DMCA. So if you want to know, you know how to get a hold of me.

That’s the perfect example of how DRM sucks. I never use Windows Media Player and making me use it to play the music that I purchased legally,
in my opinion, is vendor lock-in and flat out illegal. When I buy a
DVD, I expect it to work in any DVD player (the whole region encoding
issue aside), not just Sony DVD players or JVC players.

Luckily there are heroes out there like DVDJon that stand up to the big companies that are working to restrict our media rights.

If you bought Velvet Revolver’s CD Contraband, you might be aware of the MediaMax DRM system that comes with the CD.


This site, hosted at Princeton, is a thorough analysis of the MediaMax DRM system including how to disable it.

I should note that the MediaMax DRM system is not the same system that is on the new 30 Seconds to Mars CD.

Found this at the EFF‘s website. This guide, titled The Customer is Always Wrong: A User’s Guide to DRM in Online Music, is a must read for everyone that buys music from online services.

Ever since I bought the latest 30 Seconds to Mars CD I’ve been thinking a lot about DRM, Microsoft, and customers.

DRM, in the entertainment media sense (i.e. audio files, movie files,
etc.) serves absolutely no purpose for customers. There are no features
in DRM which actually benefits customers. It doesn’t make anyone’s life
easier, better or more rich. It’s an invention by companies to maintain
their revenue stream.


Scoble, Microsoft’s most public mouthpiece, talks about
company-to-customer relations often in his blog. He’s always quick to
point out
that companies that don’t listen to their customers are doomed. It
makes sense. As a company, your customers are your lifeblood. If you
wrong them enough times, eventually they will seek an alternative.

Unfortunately, in Microsoft’s case, one of the problems is that they
have too many customers; too many people or groups of people to please.
The DRM on the CD that I bought is a perfect example. The CD used DRM’d
Windows Media Audio (.wma) files to protect the content.

How does DRM’d .wma files help me as a customer? The answer is, they
don’t. I’m not the customer, the recording company is. The two are
mutually exclusive. The record company doesn’t care about the customer,
they just want to protect their revenue stream and Microsoft is helping
them. So in this case, Microsoft is alienating one customer to please
another.

Before I go any further, I should say that when I write Microsoft in
this post, I mean the corporate entity and I’m not referring to
individual impassioned developers or groups of developers that actually
care about the products that they are working on and shipping.

Continuing on the note about customers and Microsoft, let me discuss IE
(Internet Explorer) 7. I truly believe that the newly reconstituted IE
team is passionate about giving their customers a great product to use.
What I don’t believe, and I don’t think anyone does either, is that
this move is completely altruistic. It’s not as if Bill Gates woke up
one day and said, “You know, IE 6 is good but our customers deserve
something better, so by golly, I’m going to give it to them!”

Everyone knows that the only reason Microsoft rebuilt their IE
team (after disbanding it) was because of Firefox’s rising popularity
(heck, even Microsoft’s employees admitted to using it instead of IE on
their blogs). In this case, who is
the customer? If you guessed the users, it’s my opinion that you have
guessed wrong, it’s the shareholders.

Firefox only had one customer to please; the users. They set to build a
better browser and they did it. Not because someone was cutting into
their little slice of the pie but because they wanted to make a great
product.

Microsoft, the entity, seemed to have stopped caring about their most
important customers (their users) a long time ago. If you don’t take my
word for it, read Dare Obsanjo’s post on the subject. He should know, he actually works at Microsoft (although I’m not sure how after posts like those).

Microsoft knows what they need to do, now it’s time to see if they actually do it.

How long does it take for an unpatched Windows XP computer with no
anti-virus to get compromised when connected to the Internet (using a dial-up modem)?
According to this article and video, about 8 seconds.

It’s been an interesting week in technology (and it’s not over yet).
First of all, for those that don’t know, the PDC (Microsoft
Professional Developers Conference) has been underway since Monday and
they’ve been unleashing new stuff left and right.

Some of those include:

• A PDC Build of Microsoft Vista (User Interface Video, Exploring and Using Vista Video)


• A PDC Build of Microsoft Office 12 which showcases the dramatic new Office User Interface – a must see (Diving into the New Office Video). Probably the most popular video with 60,000 views already!


• Microsoft Workflow Foundation. I’m still unsure of what the hell
  this really does and how it fits in with their other products (when I
  have time, I’ll check out the video).


• New version of Sharepoint (Video)


• LINQ, which stands for Language INtegrated Query. From the
  channel9 website, LINQ “makes query and set operations, like SQL
  statements first class citizens in .NET languages like C# and VB.” I’ve
  just scratched the surface of this, but it looks pretty cool so far. I
  guess it’s time to watch the video. When you are done with that, head over to this site for some more LINQ resources.


• Information about the ATLAS project which brings AJAX technologies to ASP.NET.


• Microsoft Expression
  which includes Graphic Designer (sorta like Adobe Illustrator and
  Photoshop(?)), Interactive Designer (think Macromedia Flash) and Web
  Designer. Being a web dude myself, I think Web Designer (code named
  Quartz) is probably the thing that I’m most excited about that’s been
  shown at the PDC so far. I want to get my hands on this software in the
  worst possible way.


• There’s more but I’ll let you mosey on over to Scoble’s for the rest…so far, tomorrow is another day after all.

In non-Microsoft tech news, meebo has been released to the public. If you ignored all that Microsoft stuff, listen to this.

Meebo, is an AJAX (web application by virtue of using AJAX) IM client
that allows you to chat on AIM, MSN, Yahoo!, and ICQ. Google Talk,
schmoogle talk. This is hot!

It’s still a beta alpha so don’t expect things to work
perfectly. I’ve tested the login but at the time that I logged in all
my buddies were sleeping, so I’ll test the actual chat portion tomorrow.

Before anyone uses this service seriously, they need to put up their
privacy policy and use SSL. I’m not sure how they missed that when they
went live, but according to their blog they know about it and they are going to fix it.

Oh yeah, and Google released a blog search which only searches blogs. Technorati and Icerocket and others must be sweating it.

I’ve been doing a lot of reading on XHTML, CSS, and design lately to
find out what I would need to make this site standards based.

In my research, I’ve found something interesting. Although developers
and geeks are quick to rally on the to the cause of web standards,
rarely any sites out there actually use them. Everyone out there
crucifies Internet Explorer for not following standards, but what’s the
point? If Internet Explorer was standards compliant, would it make a
damn bit of difference or would we continue to code non-compliant web
sites as long as they “worked?”

Out of all of the sites on my blog roll, only three actually validate.
Those sites are IT Notes, Molly.com (with warnings), and Jason Mauer
(validates as XHTML Strict! – way to go Jason). Interestingly enough,
usability and style sites like 37signals and 9rules also fail to
validate and even large sites like the beloved Google and CNN.com fail to
validate.

If so many of these (functional) sites fail to validate why is it so
important to adhere to the standards? Are they just rules that are
meant to be broken or should we web developers actually be paying more
attention to them?

This summer, I took a vacation to south Florida and in doing so, I
spent a significant time waiting in the airport. Most modern airports
have free wireless Internet access after the security check in points
and the airports that I’ve frequented (Portland, Phoenix, Houston, Ft.
Lauderdale) were no exception.

Most Wi-Fi networks in the airports follow a recurring motif; an open
AP (access point) that allows you to access the Internet. It’s really
convenient and easy to use but unfortunately, the problem with this is
that your communication to and from the Internet is not encrypted
whatsoever.

I don’t usually worry about this lack of encryption though. I have
access to a VPN server at work and at home so what I usually end up
doing is using the Wi-Fi at the airport then making a VPN connection to
my home network and then remote controlling and browsing, emailing, and
IM’ing from the remote controlled machine. Naturally, this is all
encrypted and I feel warm, safe, and fuzzy.

That safe feeling lasted until I couldn’t establish a VPN connection
from the Ft. Lauderdale airport. I instantly felt naked, as if my
thoughts were open to everyone and anyone. I still connected though but
I just used IM and didn’t read any of my email (corporate or home).

This got me thinking, there are probably a lot of business types out
there that use the free wireless at the airports, Starbucks, etc.
without thinking about the security of the information that they are
sending throughout the air. That thought, spawned another thought; I
envisioned a VPN service that people could use to encrypt their
wireless sessions to and from the Internet using OpenVPN. Since OpenVPN
is a TLS/SSL based VPN, it’s doubtful that someone would block the
outgoing port.

As luck (and laziness) would have it, I sat on the idea. Tonight
(morning) I opened up digg, and found this headline, “Google to offer
secure WiFi VPN.” Sound familiar? Yeah the premise is the same.
Luckily, I didn’t get into that game because Google would have crushed
me.

In order to use the service, you have to download a Windows application. Before you use it, familiarize yourself with the FAQ and the Privacy Policy.

One thing that always disturbed me about starting a service like that
was the potential to provide haxx0rs with “a free ride” to the
Internet. Think about it, now you can roll up to someone’s unsecured
wireless network in the ’burbs, start up your Google Secure Access and
start hacking away using an encrypted session.

I installed Google’s Secure Access VPN client and I’ve made some observations.

I’m not sure if the setup program created it or if the the client
itself created it but there is a new network connection in the Network
Connections control panel. This seems to be your standard PPTP VPN
connector.

Opening the connector is see that the username is listed as 0633492659
(seems to be a randomly generated number by the client as the second
time I connected I was assigned this number: 2466407433)
and there is no password saved. I’m assuming that the Secure Access
Client fills in the password, but that’s just an assumption.

Looking at the properties, I see that the connector is connecting to
vpn.google.com, and there are several advanced security settings
specified. According to the connector, the server requires encryption
(disconnects if the server declines) and the following options are
checked under Allow these protocols:

• Challenge Handshake Authentication Protocol (CHAP)


• Microsoft CHAP (MS-CHAP)


• Microsoft CHAP Version 2 (MS-CHAP v2)

All of the other options are unchecked.

Once I opt to connect the Secure Access Client, it starts the VPN
connector and automatically connects me. The following information is
listed in the Details section of the VPN connector:

• Authentication: MS CHAP V2


• Encryption: MPPE 128


• Compression: (none)


• PPP multilink framing: Off


• Server IP address: 192.168.230.1


• Client IP address: 192.231.7
  

Doing a quick Ethereal packet capture from my laptop, it looks like the
Secure Client makes some SSL calls to vpn.google.com before connecting the VPN network connection; it probably does
this to get the username and the password to connect to the VPN.

This post is about a dream that I had. If you don’t like reading about other people’s dreams, just skip this one.

Often my dreams are very grand in scope and follow an almost movie like script, so you’ll forgive me if this is rather long.

I remember running down a hill somewhere in the suburbs of Portland,
Oregon. As I reached the bottom, I passed through a gas station parking
lot where my ex-girlfriend was standing smoking a cigarette. I ran past
her hoping that she didn’t notice me but lady luck was not in my
corner. She immediately recognized me and started following me. The
more I ignored her, the more determined she seemed to want to talk to
me.

I ran into a large multi-story bookstore attempting to lose her but she
was right behind me. This is when things started to crystallize for me.
Her insistence on getting to me was not just to talk, I believed that
she was out to get me or the person that I was attempting to protect.

In the dream, I was what I call a Scion (although that’s never
mentioned by name in the dream) of God or perhaps one of the Seraphim
itself.
The Scion’s job is to protect people that have the power bring about
the end of the world from harm and manipulation by dark forces. These
people (called
The Gifted from here on out) usually don’t know that they have such
extraordinary power and usually are oblivious to their importance in
the cosmic scheme of things. If a Scion fails to protect one of The
Gifted, the dark forces usually use him or her to bring about the end
of the world. Interestingly enough, the end of the world, is not really
the end as it gets recreated again and the cycle begins anew. The
Scions live throughout the end and remember everything from past
worlds.

The Scions (I was one of several) have no extraordinary powers with the
exception of knowing who The Gifted are (and where they are at) and the
memory of worlds gone past. Unfortunately, the enemy of the Scions
(called The Enemy from here on out) do have extraordinary physical
powers (strength, speed, agility) and therefore Scions usually tend to
try to run away from them. All of the Scions are male, while conversely,
all of The Enemy are females. I don’t know why, that’s just the way it
is. One more thing, while Scions are naturally immortal (they can’t die
of old age), they can definitely be killed by The Enemy.

As I was hiding from my ex-girlfriend, it started dawning on me that
she could be one of The Enemy and was attempting to either kill me or
get to The Gifted that was assigned to me. I went to the elevator to
try to go up a floor. I pushed the “up” button and waited for the
elevator to come down.

As I was waiting, she saw me! It was one of those moments in the movies
where you’re waiting for the elevator while some danger is getting
closer. Just as she was upon me,  the elevator came down and the
doors closed in her face.

I  knew that The Gifted that I was assigned to was in this
bookstore, so I started searching for him/her. After a few minutes of
looking through what appeared to be the warehouse portion of the
bookstore, I found him. I’m not sure why, but it was a childhood friend
of mine named Wayne.

Thinking that The Enemy was still here to get him, I tried to get him
out of the bookstore urgently. Naturally, he didn’t want to go. I’m not
sure what I told him, but I seemed to impress upon him the idea that he
was in immediate danger and we headed out the fire escape to the back
alley.

That’s when I saw her. A beautiful blonde woman leapt from the roof
into the alley just a few feet away from us (told you they had special
powers). I immediately started running with Wayne in tow. At this
point, I realized that my ex was just a plant. She wasn’t The Enemy,
she was just really annoying.

Although we attempted to get away from the blonde, she eventually got
to Wayne (the details of how it happened blur). What I do remember is
there being a lot of wind, lighting, and dark clouds all over the
place. The world, was seemingly coming to an end.

I found Wayne in a trance while the world was falling apart around us.
Still unaware that he was causing it, I laid it all on the line
(normally you aren’t supposed to tell The Gifted about the immortal
struggle that they are involved in); I told him that he was causing
what was happening and told him, “Look dammit, the world is gonna end
if you don’t do something. I’ve seen it happen once and it’ll happen
again if you don’t act.” The information seemed to hit him hard, but it
seemed that he was starting to understand.

And as luck would have it, that’s when I woke up. {sigh} Oh well, c’est la vie.

Hollywood, call me. I got plenty more where that came from.

I’ve covered the great developer toolbar

for Firefox before, but it looks like Microsoft has come out with their own for Internet Explorer (works with 6.0 or later). 

It’s still in beta, so download and install with caution.

A friend of mine recently asked if Meebo

, the AJAX Web based IM product (which allows you to chat on AIM, MSN, Yahoo! and Jabber of GoogleTalk in one interface), was finally encrypting their passwords.

At the time that I wrote about meebo, they had made two colossal blunders. One was not encrypting passwords and the other was not having a privacy policy defined. Well, they’ve fixed both.

The privacy policy has been defined and according to their main page they are encrypting passwords with 1024-bit RSA keys.

Just to make sure that the passwords were not being transmitted in clear text, I opened up Ethereal and started a packet capture. Indeed the passwords are being encrypted when they are sent.

13 months ago, I watched the season 1 finale of Rescue Me on FX. At the very end they played Rubyhorse’s song Fell on Bad Days over some ending scenes.

I downloaded the song but I could never find the lyrics to it. The
other day, while puttering around on the web, I decided to give it
another shot. I didn’t find any official lyrics, because they can’t
seem to update their own website (way to go guys!) but I did find some
unofficial lyrics. Using that as a template (thanks to the guy who
posted them originally – I forgot your name – sorry), I modified some
of the words to what I hear. So here are my unofficial lyrics to the
song.

Fell on Bad Days – Rubyhorse (Unofficial lyrics)

Fell on bad
Fell on bad days
Oh your wicked
Oh your wicked way
Left me cold
Left me cold
Oh your dark
Oh your dark hair
Weaved for me
Weaved a cold snare
Left me hung
Left me hung
I know it’s there, but I still can’t see
I feel my faith disappear
Touch your skin and raven hair
Oh the devil’s deviled way

On the west
On the west wind
I hear your voice
Still it’s tempting
Like a siren
Like a siren
I know it’s there , but I still can’t see
I feel my faith disappear
Touch your skin and raven hair
Oh the devil’s deviled way

It doesn’t feel so bad now
It doesn’t feel so bad now
It doesn’t feel so bad now
It doesn’t feel so bad now…

While I’m on the subject of Rubyhorse, I was on their website and I noticed something. This image is from their navigation menu:

Notice the item highlighted. It reads “bored.” Who knew that this
would lead to their message board? Now I don’t know if you’re supposed
to click there when you’re bored or if they actually meant
“board.” If it’s the former, then that’s a major usability issue. Name
your navigation items something meaningful. If it’s the latter, well
that speaks for itself.

I’ve lived in Oregon for a while now (although I still refuse to
call myself an Oregonian) and all throughout, I’ve lived on the west
side of town.

With the exception of my first job, all of my other jobs have been
on the east side of town. This is good and it’s also bad. I love the
west side of town, but that’s just because I’ma ‘burb boy and that’s
all I’ve really known. The bad is US Highway 26.US Highway 26 is the
freeway that runs from the west side of town to the east side of town
is US Highway 26.

Historically, and I’m only counting since I’ve been here (~ 1997),
US Highway 26 (referred to as 26 from here on out), has been a complete
disaster.

If you wereheading east bound after work, you could expect to see a
complete clusterfuck of traffic before the first off ramp (the zoo off
ramp). To make this easier for people that don’t live here to
understand, I’ve grabbed some satellite images from google. Here is the
first image, which is what I was just describing.

That’s a terrible place for a slow down considering that you still
havevery long ways to go to get to the where the bulk of the burbs are
as evident by the next two images here and here.

What does this have to do with Vancouver? Well, since Vancouver has
been “the place” to live 26 no longer slows at image 1, it actually
slows down at image 3. Image 2 is just a filler to give you a scope of size.

That’s great for me. Unfortunately, the traffic has just shifted
somewhere else because I5 North is a complete disaster and is
un-drivable until approximately 7-8 PM.

Thanks Vancouverites!

I’ve been neglecting the RSS feeds on my site. Apparently when I coded the URL rewriting stuff, I broke the comments RSS system and therefore comments were unreadable using an aggregator such as SharpReader. I’ve now fixed that so that comments get properly enumerated again.

There were also errors that stopped my main feed from validating. I’ve fixed those and now it validates (with warnings).

To top off all the RSS coding that I’ve been doing today, I’ve created a new RSS feed for those readers that never actually visit the web site using a browser.

If you visit the site using a web browser, you’ll notice “media” sections on the right side of the page. Those sections are labeled “read”, “listen”, “watch”, and “play.” In those sections, I have links to what I’m currently reading, listening to, watching, and playing.

Until now, the “media” content was only accessible by viewing the site through a web browser. I’ve not made those into a separate RSS feed so that you can subscribe to it in your favorite aggregator. The URL for the feed is http://eddorre.com/mediarss.aspx

.

Here is something for the geeks out there. Anyone that has ever played a RTS (do I even need to say it? Real-Time Strategy) game will find this incredibly funny.

What would happen if World War II was a RTS game? Find out by reading the chat log

.

Here is a little sample:

Stalin: church help me
Churchill: like u helped me before? sure ill just sit here
Stalin: dont be an ass
Churchill: dont be a commie. oops too late
Eisenhower: LOL
benny-tow: hahahh oh shit help