First Impression of Ubuntu 11.10, The Oneiric Ocelot

Saw 11.10 release the other day and gave it a go. The experience is less than impressive -- partly because 10.04 the Lynx set the bar pretty high.

The new desktop, Ubuntu Unity, started in 10.10 the Meerkat or maybe even earlier, as the default on netbooks. I remember immediately removing it and installing the classic Gnome back. I feel like doing the same thing with 11.10 -- I have a Asus EEE PC-901. After rebooting, the thing I immediately noticed was the slow boot. The Wow factor from the first time seeing Ubuntu 10.04 giving me the login screen in just 10 seconds was gone.

I have not mentioned the "waiting for network configuration" problem. When that message pops up on the Ubuntu boot splash window, if you press the Esc key, you will see that the boot process has actually gone passed the network configuration stage long ago. (It looks like some one may have been able to fix that problem.)

Unity did not work at all after the upgrade, likely because that I do not have a 3D accelerated video card. Switching to Unity 2D works but that still feels slow, much more sluggish than the classic Gnome in Ubuntu 10.10: Moving a window, you don't see it follow the mouse cursor as responsively as in Lynx or Meerkat.

The top panel bar -- I am not sure what it is called, Indicator panel? -- won't auto-hide, which annoys me. That is fine on a desktop, but a netbook's display real-estate is limited. I would like to use as much of the screen for work as possible.

Much in the System Settings panel seems to be gone as well, not just the icons (e.g., some of the apps in 11.10, both on the right-hand side vertical Launcher panel and in the System Settings window, refuse to display their icons, which I have not had a chance to figure out why.) I used to set the mouse cursor focus to follow the mouse pointer -- which allows one to type into an application without having to raise the window up to the front, rather than having to click a window.

I will give Unity a few more days, or even a few more weeks, before deciding if I will go back to Gnome classic, mostly because that it seems to be the direction Ubuntu is moving into. I will go back to classical Gnome if it continue to be sluggish.

[2011-10-31 Edit]

I decided to go back to Gnome classic on my netbook. It does seem to be a bit faster. While doing that, I also found out that the panel auto-hide setting has changed: Right click on the panel no longer works. One needs to Alt+Right-click the panel to get to the settings, which does not seem to work with Unity's top panel. I guess I am sticking with Gnome classic as long as I can.

Still having trouble with the booting process dropping to a shell on my desktop. Although exit out of the BusyBox shell gets it going, that prevents me from running it with VBoxVMService. Also, I am still having the Waiting for network configuration. . . problem, which is really annoying.

[2011-11-30 Edit]

Finally got around to fix the Waiting for network configuration. . . problem. The solution is to edit out the wired Ethernet interface section (eth0 on my netbook) in /etc/network/interfaces. I am not sure why the network configuration code could not sense that there is nothing plugged in there and skip the configuration in that case.

Google +1 Button

The Google +1 button is one easy way to share a web page with people on the Google+ social networking service from Google. Google has a specific page for it. Basically you need to add a JavaScript that works on a Google XML tag. But the problem is that when you use the Google Sites service, you cannot just insert a JavaScript snippet in a page.

So I searched for a Google+ button for Google Sites specifically and immediately found this gadget posted in the Google Sites forum:

http://code.alexandrojv.com/gadgets/Google-Plus-1-Button.xml

That made it a lot easier to add a Google +1 button in a Google Sites page.

电子邮件的安全问题

对内行来说，“电子邮件”和“安全”这两个词在同一句话里出现是不对的，因为电子邮件的设计从技术上来说，几乎就不可能是安全的。医院往外发的邮件都会自动加上一个免责声明：“Electronic Mail is not secure, may not be read every day, and should not be used for urgent or sensitive issues” -- 就是起一个警告作用。

比电子邮件安全的现代通讯手段多得是，但是，俗称“伊妹儿”的这东西可能是大多数网民第一个接触到的互联网通讯工具，方便、简单、实用。这也是为什么现在每个人的邮箱里都塞满了垃圾邮件，但还是无法舍弃电子邮件。通讯工具本质就决定了用的人多才方便实用，就算我个人不喜欢电子邮件，但是需要联系的人用 email，我也就只能将就了。两年多以前 Google Wave 推出的时候，我很激动了一阵，最终不得不放弃，在 Google 公布停止 Wave 的开发之前很久就停止了使用，原因很简单：我希望联系的人都不用 Wave。

写这篇文字的起因，是最近几天连续有几位平时有邮件来往的熟人都出现了问题，先是一位从英国伦敦发来一封紧急求助的邮件，述说财物被盗，让朋友们赶紧按信里给的地址汇钱相助。这种手法我见惯了，相信收到这封邮件的其他人也不会上当，但是我还是给所有人发了一封警告的邮件。第二天又收到另外一人的邮件，里面只有一个网页的网址，我知道多数也是被人冒名发的垃圾，点了进去，却发现冒名者还有更险恶的招数在里面。赶紧又给所有收件人发了一个警告，结果马上收到一位朋友的回邮，说她已经点了那个网页。幸好她还算有所警觉，没有再进一步上当。

这个网页点进去之后，浏览器里会弹出一个窗口，告诉你你的电脑有安全问题，你需要马上安装一个软件来解决问题。这次的这个网页设计得还不十分逼真，以前看见过更像真的。遇到这种情况，记住不要再点任何按钮，尽管弹出的窗口可能有“OK”和“Cancel”这样的选择，但是你点那个结果可能都是一样的。如果你不幸误点了任何按钮，记住千万不要同意安装任何软件；如果你更不幸安装了软件，那你就赶紧祈祷或者拜佛吧。

前段时间网上热烈讨论 Gmail，特别是一些中国维权人士的邮箱，遭遇来自中国的攻击一事。当时一位香港人士在 YouTube 上发了一段视频，显示了一个邮件里收到的视频链接，在点击了之后就在他的 Gmail 帐号里自动设置了一个邮件转发。随便在 YouTube 上搜索一下“Gmail hack”就能找到无数的视频，不过这并不是说 Gmail 特别不安全，实际上 Gmail 比其他一些同是通过浏览器操作的邮箱相对来说要比较安全一些 -- 注意我用的“比较”一词：我前面说过，目前的电子邮件技术不可能绝对安全，而浏览器操作的邮箱，如比较常见的 Gmail、Hotmail 以及 Yahoo! Mail 这些，又给恶人更多一些攻击的角度，所以，使用电子邮件记住一点：电子邮件不安全！

今天，我在三天之内收到第三个由熟人邮箱发来的垃圾邮件 -- 这三起一是 Hotmail，两个是 Yahoo! Mail，所以我想还是写一笔。

首先，是邮箱的密码：记得曾经看过一个教小孩上网安全的招贴画，说“密码象内裤一样，一定要定期更换。”一般人很少换密码，更不会象换内裤那么勤。但是如果你的邮箱密码十年没变，应该考虑变一下了。同时，密码也要讲究一些：不要太过熟悉、太过简单，比如电话号码、生日什么的，最好不要用。最好是自己设计一个规则：比如，如果你喜欢摇滚，可以记住一句歌词，或者记住一句俗语，象什么“害人之心不可有”之类的，然后抽取每个字（词）的第一个字母，加一些大小写变化，再加一些符号之类就不错：“H4zxbk6!”。

其次，还是要多一些安全意识。上述那位香港人士演示的通过 Gmail 邮件转发来偷人私信的手法，是利用了 Flash 软件的一个漏洞。Flash 是 Adobe 公司的一套软件，常被用来制作、放送网络视频、动画之类，基本上在所有的浏览器里都有 Flash 插件。如果有人恶意制作一个视频放在网上，然后通过电子邮件发给你，在你收看视频的时候，他背后偷偷地做一些小动作，比如偷你邮箱的 Cookie 去修改你邮箱的设置，你基本上根本不会注意。这种攻击手段往往容易让人中招，尤其如果你是从“熟人”那里收到转发的视频，你更可能放松警惕。Flash 是一个著名的不安全软件，但是挡不住用的人多，另外一个 Adobe Reader 用来阅读 PDF 文档的，也是 Adobe 公司的产品，两者都屡次被用作恶意攻击的工具。

再次，多数人使用微软的视窗 (Windows) 操作系统软件，但是多数人可能的都没有定期更新系统的习惯。这又是一个需要“象内裤一样”对待的事儿，一定要定期做。微软公司每个月至少发布一次安全补丁，如果你不修补你的电脑系统的话，后果就像裤子破了不补一样 -- 你知道会出现什么状况，对吧？当然，这些系统补丁有时候是会有意想不到的副作用，比如打完补丁系统无法启动之类的，可能会偶有发生，那也是无法避免的。作为微软的用户，你只能“两害相权取其轻”，或者闭着眼睛，在红药丸和蓝药丸两者之间选一个。

还有，就是微软视窗里的 IE (Internet Explorer) 浏览器软件，如果能不用，改用 Mozilla Firefox 或者 Google Chrome 浏览器最好。如果一定要用 IE，注意在定期做好系统补丁的同时，把 IE 更新到最新版本。

最后，还有一个办法就是彻底摆脱微软视窗的桎梏。以前，我一直向人推荐 Linux -- 这是一个开源的系统，相对来说市场占有率远远低于微软的视窗，没有病毒侵害之忧，而且操作上不比微软视窗差，只是有区别而已。现在，Linux 对我个人来说仍然是首选，但是市场上用谷歌安卓 (Google Android) 系统的智能手机、平板电脑类的产品已经非常丰富而且越来越多、越来越便宜，Google ChromeBook 一类产品也开始崭露头角，都是值得推荐的 PC 换代产品，当然如果你钱多的话，苹果公司的 Mac、iPhone、iPad 之类也是不错的选择。但是，从电子邮件的角度来说，安卓一类产品与 Gmail 的紧密结合用起来会比苹果公司的产品更方便。

说完这些，还是要重申一点：目前还没有什么能改变电子邮件不安全这一现实。

国际互联网机构敞开了域名系统的大门

(Source: Internet Body Opens Way For New Domain Names)

山姆 · 赫尔姆斯
道琼斯通讯社

新加坡（道琼斯）-- “点康姆”时代已经结束，欢迎进入“点神马”时代。

统管国际互联网域名政策的机构星期一表决通过了决议，将允许任何公司和个人以任何语言、注册任何字符串作为网站域名，这一步迈出可能会改变人们浏览互联网的习惯方法。在新的政策规定下，人们可以用 .com、.net 或者 .biz 以外的其他后缀来注册域名，甚至可以用单个词语做网址。

简称 ICANN 的非营利机构“国际互联网名称与编码联合体”介绍说，采用这一更加开放（同时也可能更加混乱）的域名注册办法，目的在于激发新一轮的创新。商业机构可以创立标志性域名来推广品牌，而专家们也说，这对银行一类注重联网安全问题的机构会起到帮助作用。也能帮助业者创造商业机会，销售二级域名。

“这可能是域名空间一个崭新的创新时代来临的曙光”，ICANN 的首席席执行官罗德·贝克斯特罗姆星期一在新加坡说。他接着道，“互联网的域名系统这一开放直面整个人类的想象力和创造力，将带来无穷的机会。”

总部在墨尔本的澳洲域名国际公司负责管理澳大利亚 (.au)、阿曼 (.om)、卡塔尔 (.qa) 和阿拉伯联合酋长国 (.ae) 等国家域名的注册，其首席执行官亚德里安·金德里斯目前正帮助他的客户做申请他们自己的顶级域名的准备。他说，这些申请者中主要是商业公司，希望保全其品牌，还有就是创业者希望在网络空间圈下一块有价值的“地皮”。

例如，注册“.doctor”（点医生）这个顶级域名的人可以靠向行医者专卖“某某医生”这样的二级域名赚钱。“我觉得这些域名可以卖 $1000 一个，因为顶级域名里可以建立验证机制来增值，”金德里斯说。

顶级域名可以由最长达 63 个字符的任何字符串构成，ICANN 说。例如，"asknotwhatyourcountrycandoforyouaskwhatyoucandoforyourcountry" 不加后缀可以用来注册域名。不过，申请人必须预付 $185000 美元来注册这样一个域名，而传统的域名将来还是只需很小的一笔费用。

ICANN 将在 2012 年 1 月 12 日至 4 月 12 日之间根据新的规则接受域名注册申请。第一批新域名在 2012 年下半年就可能上线。

ICANN 说，上述的昂贵收费是根据处理这类申请整个过程估计所需的成本，包括处理域名纠纷可能需要的法律程序和其他一些无法预料的事项，当然，这个域名“拍卖”也有可能产生相当可观的一笔收入，那将归入 ICANN 的储备基金。

“拍卖”的赢家将由专家组根据一系列条件来审核申请者合格与否，比如申请人使用所申请域名的计划，其商业模式是否能够持久，等等。

如果申请人在赢家公布之前撤回申请，将根据提前量得到相应的退款。

ICANN 如果怀疑申请人有对明显不属于他们的某品牌或商标侵权的图谋，将会拒绝其申请，由此可见，理论上真正有权申请象 .cocacola 这样一个域名的也就一家公司。

问题可能复杂化之处在于象 .anything 这类语义普通的域名，但这也可能是 ICANN 能捞一票的地方。

如果 ICANN 无法就某个域名从一组申请人中间挑出一个最合适的候选人，那么申请将进入拍卖程序，最终可能谁钱袋最大谁就是赢家。

ICANN 的主席 Peter Dengate Thrush 在媒体招待会上说，他觉得大部分纠纷会在申请程序之外、进入拍卖阶段之前得到解决。

“但是如果真的进入拍卖程序，卖得的钱也还是回归整个 ICANN 社区，用于正途，”他说，但没有具体说 ICANN 会拿这些钱干什么。

这不是 ICANN 头一次计划增加通用域名的数量。大约十年前，为了缓解对一些热门的域名的需求，类似 .info、.biz 和 .museum 等一批通用顶级域名投入了使用，但业界对这些新域名的反应并不踊跃。

-By Sam Holmes, Dow Jones Newswires; +65-6415-4157; samuel.holmes@dowjones.com

What's wrong with Cisco's software

Here is what's wrong: They obviously do not do quality control on their software.

Here is the proof: That is a warning message one gets when completing a Local Username NetConfig job instance.

Warning:

If you have selected Local credential in Common Parameters pane and Secret credential in IOS Parameters pane as Disable then Secret credential is updated in the Credentials database.

If you have selected Local credential as No Change in the Common Parameters pane and selected Disable for Secret credential in the IOS Parameters pane, then Secret credential is updated in the Device and Credentials database.

If you have selected Local credential as Disable in the Common Parameters pane, and selected No Change for Secret credential in the IOS Parameters pane, then Local credential is updated in the Device and Credentials database.

That message is as cryptic as this one -- But that is not the problem I am babbling about here.

The problem is: There is no Disable option, anywhere, period!

You can see in the second screen shot: There is No Change, Add, and Remove. But there is no Disable.

It's not like this is the first release of the software. It is CiscoWorks LMS 3.2.1.

[Edit 2011-06-01]: Here is another proof I almost forgot and got reminded today.

Mystery with CiscoWorks Device Discovery

Cisco Discovery Protocol (CDP) is a nice feature, similar to the standard Link Layer Discovery Protocol (LLDP), for discovering how devices are interconnected at the data link network layer -- or directly wired between devices, in plain English. CiscoWorks does a very good job discover devices on a network using CDP and other protocols. The way it is done is: (1) A protocol or a set of protocols are selected; (2) A set of seed devices are configured for each protocol; (3) A job is scheduled to run periodically to sweep the network.

We are pretty much a Cisco shop, so I select CDP and routing table, give them the core routers as seed devices, and set it to run every some days of the week. The job usually takes a long time due to the number of devices involved -- One could exclude devices by rules, such as IP address range or device classification (sysObjectID), etc. which would save time for the job as it avoids querying devices that may never respond.

The mystery I run into is that, my scheduled discovery job runs but never seems to be able to completely finish. CiscoWorks always tells me that it does not have any information for the latest discovery job. Cisco TAC engineers have provided suggestions, but nothing seems to help.

After some digging around, I found that the log rotation job I scheduled to run everyday is likely the culprit. I may have inadvertently checked the Restart Daemon Manager option when scheduling the log rotation job.

The lesson for me is, with Cisco's software, I have to be aware what I am doing every step of the way to avoid shooting myself in the foot. Otherwise, I may be in for a fun ride that is hard to find a way out.

VirtualBox as a Windows Service

Running VirtualBox as a service allows a guest virtual machine be automatically started when the host is started.

Just a few links for reference:

• Chapter 7. Remote virtual machines, Oracle VM VirtualBox^® User Manual, Oracle Corporation, Copyright © 2004-2011 Oracle Corporation
• How to run VirtualBox as service in Windows, 21 Jun 2009 @ 8:40 PM
• How to run multiple VirtualBox as service in Windows simultaneously, 08 Jul 2009 @ 10:22 AM
• Running VirtualBox VMs as Services in Windows, Joe Mocker's Weblog, Mar 04, 2010

CiscoWorks LMS 3.2 NetConfig Notes

I want to curse whomever at Cisco who wrote this message:

Warning:

If you have selected Enable Password in Common Parameters pane and Enable Secret in IOS Parameters pane as Disable then Enable Secret password is updated in the Credentials database.

If you have selected Enable Password as No Change in the Common Parameters pane and selected Disable for Enable Secret in the IOS Parameters pane, then Enable Secret Password is updated in the Device and Credentials database.

If you have selected Enable Password as Disable in the Common Parameters pane, and selected No Change for Enable Secret in the IOS Parameters pane, then Enable Password is updated in the Device and Credentials database.

Cisco's software always leaves a lot to be desired, maybe more than others'. But this is beyond the pale.

How to Build an FRC Team Website

I have volunteered to evaluate websites for the FIRST Robotics competition, since one of my daughters is in Team 3322. From reading the websites of a number of FIRST Robotics Competition (FRC) team websites, I see many of them are missing out on some very basic points. So I thought I would write down some thoughts.

Here is a website received the highest scores among the 11 sites I evaluated: http://www.team2834.com/. Take a look and you will see the points I am going to make below.

1. Promote FIRST RoboticsIt makes sense, doesn't it? Your team is part of the FIRST community made up by thousands of teams, and the FIRST community needs your team just like others to grow bigger and stronger. So promote the concept behind the FIRST competition to every one of the visitors to your site: Put the FIRST logo where your visitors see when they first come on to the site; Tell them about the game(s) of competition this year; Tell them more about the different programs FIRST has; What is FLL, FTC and FRC, etc. Materials are there on the FIRST website. You are not to copy and paste, but it is not hard to tell the story of FIRST once you learn what the community and programs have to offer.
2. Team BuildingYour team may be a rookie or a veteran. But your team and team members have their own stories. Tell them on the site. Tell your visitors who you are: Name and number of the team, who are the current members and alumni. Use words, images, videos to tell the stories of your past competitions, current activities, challenges and triumphant moments. Tell stories of people who support the team: mentors, parents and teachers.
3. Help OthersCoopetition is a word you hear a lot in FIRST events. Basically it means that the kids are competing with each other, while at the same time, they are helping -- cooperate with -- each other. What people do in that sense is to provide helpful information, links, pointers and some times tool kits, to other teams.
4. Meet Technical ChallengesThere are many technical challenges in the FIRST Robotics Competition. Specifically in building a website, one must make sure that the site passes a few marks:
   
   1. It needs to render correctly in all the major browser software: Chrome, Firefox, Internet Explorer, Opera and Safari. Multiple versions of Internet Explorers (6, 7, 8, 9) are in use, but it is probably OK just to target version 7.
   2. It is a plus if the site is made reasonably readable on a mobile device, such as an Android phone or an Apple iPod Touch.
   3. HTML validation: Make sure that there are no errors in the HTML code.
   4. CSS validation: The same here -- make sure there are no errors.
   5. Accessible to handicapped people: It may not come natural to everyone that people challenged physically are also online. It is not difficult to allow them to access a web site. But the tools they use do appreciate a little assistance. For example, giving a photograph an appropriate title, allows a blind person to hear what the photo is about.
5. Utilize Online Resources
   There are many resources available online for one to build a web site. For example, there are open source content management systems, such as Drupal, Joomla and WordPress that would make the website administration an easier job. There are also online tools to help with the technical challenges mentioned above. For example, the W3C has tools for HTML and CSS validation. There are also tools for accessibility test.
6. Have Fun!
   I am not good at that. But I trust that the kids will always find ways to have fun while doing things.

Rooting Gone Bad + Road to Recovery (I Hope)

Received on 3/31 my ViewSonic gTablet from the Woot sale. Immediately started researching rooting it and modifying it. To tell the truth, being able to run things on a tablet the way I want it is half the whole reason I want Android.

So I found the XDA Developers forum, registered and started my research. Perhaps being a Linux user, or perhaps the fact that rooting and installing the ClockworkMod Recovery was easy and smooth, made me feel a bit too brave than I should have. Anyway, I ended up following this simple set of instructions rather than dig deeper on the forum. I installed VEGAn-7-03082011-Experimental, rather than VEGAn 6 stable version, since many have reported that the VEGAn 7 experimental releases are stable enough for daily use.

Well, the gtablet ended up in a state where it powers up, displays the ViewSonic 3-bird image, and stops there. That was last night.

But all is not lost. Far from it, since I can hold volume up and start the gTablet in to the ClockworkMod Recovery mode.

At this point, I think I still have an option to repartition the tablet's inner storage (also an SD card?) before nvflash it.

References

• Install ClockworkMod, a ROM, Flash Player, and the Market Fix
• nvflash FULL restore, using bekit's original image (Instructions)
• G-Tablet Full Restore your Gtablet using nvflash - refresh to factory
• [FIX] Full market (improved market fix) on G Tablet (YouTube video)
• [FAQ] Viewsonic G-Tablet ROMs Frequently Asked Questions (READ THIS FIRST)

[Edit] -- Problem solved! The install guide listed first in the references above really made it easy. I guess the problem I had was caused either by missing a step (although I am pretty sure I followed the instructions to the letter) somewhere, or by the fact that the VEGAn 7 build is not for my particular gTablet.

Anyway, I redid the mod using the stable release of VEGAn v5.1 beta release. My tablet is back. Now I need to get Android Market working so I can get my apps.

[Resolved]