## August 30, 2003

### R.I.P. Osirusoft

One of the best of the RBL services I use to filter mail on Golem went dead this past week, victim — I now learn — to a massive DDoS attack. Until I realized what was going on, this caused considerable problems with mail delivery on this machine, and even with posting comments on this blog.

Since spammers have already taken to using trojan horses to distribute spam, it was only a matter of time before they turned to using them to mount DDoS attacks on anti-spam sites.

The arms race continues…

## August 29, 2003

Is it a sign of progress that new Iraqi blogs (genuine, as far as I can tell) are springing up like toadstools after the rain?

• Where is Raed ? the grandaddy of Iraqi bloggers, Salam Pax blogged the build-up to the war, right through the invasion. He’s still going strong.
• G. in Baghdad a young Iraqi Christian and friend of Salam’s.

I don’t know, but after all the bad news coming out of Iraq recently, one looks for signs of improvement wherever one can find them.

Update (10/22/2003): Add Healing Iraq and Ishtar to the list.

Posted by distler at 11:06 PM | Permalink | Followups (3)

## August 28, 2003

### Another Approach to Comment Validation

Sean at agresticism is playing around with using XML Schema for comment validation (in VBScript, of all things!). His setup is still under development, but I like the idea of using an XHTML Schema and built-in XML processing tools much better than all the extra baggage attached to using the W3C Validator.

Non-MovableType users should definitely take a look.

## August 27, 2003

### More MathML Entities

Someday, I should go through the list of MathML entities and make sure that itex2MML has conversions from their (La)TeX equivalents. Ugh!, that’ll be a job.

In the meantime, I just keep stumbling on ones which aren’t defined. My last post required me to add \mp → &mp; to the list of known conversions. So here’s an updated version (just the executable was updated, not the MT plugin).

Posted by distler at 8:43 AM | Permalink | Followups (5)

### Belle de Jour

There’s recent data out from BELLE (the B-meson factory at KEK) indicating new (beyond the Standard Model) CP-violating physics.

Asymmetry data from BELLE, from which the value of $\sin(2\phi_1)$ is determined, plotted as a function of the decay time. The smooth dotted curve indicates what one would expect from the Standard Model, whereas the smooth solid curve is a fit to the observed data.

## August 23, 2003

### Fair and Balanced

The ruling has, rightly, been reported all over the blogosphere. but I’d like to add my voice to the chorus of praise for Judge Denny Chin’s decision, which found the Fox Propaganda Channel’s suit against Al Franken to be “wholly without merit, both factually and legally.”

This is, evidently, doing wonders for the sales of Franken’s new book (and subject of the suit), “Lies and the Lying Liars Who Tell Them: A fair and balanced look at the Right”, which seems like a fitting outcome, no?

## August 22, 2003

### The March of Technology

Back when Evan Goer did his XHTML 100 survey, it was depressingly clear that sites which did XHTML correctly were not exactly thick on the ground.

But now, four months later, there are some rays of hope.

• Evan’s list of X-Philes grows longer by the day.
• Some top-drawer geek weblogs are planning to convert to application/xhtml+xml.
• And some far-sighted individuals are talking about comment validation, etc.

Now, as you know, we here at Musings pride ourselves on having the world’s most technologically-advanced weblog. With all these rumblings of progress, we can’t exactly sit still, can we? So what to do?

Kick it up a notch!

Go to the previous post and hit the “Text Zoom” button in your browser. The equations rescale nicely along with the text. But you knew that already: it’s because we’re using MathML (converted automatically from LaTeX source) rather than crufty little GIF images for the equations.

But notice the figures. They rescale too. Whoa! That’s because Musings is now SVG-enabled. If you have Adobe’s plugin or a natively SVG-capable browser, you should be getting all the modern goodness. If not, you should get an old-skool GIF image instead. I haven’t tested this on a wide variety of browsers, but in my limited testing (with the Adobe plugin) it seems to work well.

Update (8/23/2003): Just to be clear (since this was the subject of some confusion), we’re not sticking SVG inline. Rather, we’re including it via the <object> tag. This makes it accessible to Adobe’s plugin and allows for graceful fallback (in this case, to a GIF image) for those whose browsers can’t handle SVG. The world just isn’t ready for inline SVG. Yet…

Update (9/3/2003): OK, my secrets are revealed here. Enjoy!

Posted by distler at 8:58 AM | Permalink | Followups (11)

### Déjà-Vu All Over Again

A decade ago, Matrix Models and noncritical string theories were the rage. Due to the work of Dijkgraaf and Vafa, there’s been a renewed interest in Matrix Models and, most recently, there’s been a big advance in understanding the large-N Matrix Quantum Mechanics, which — in the old days — was seen to be related to the $c=1$ noncritical string.

Now, much as I dread the thought of too many string theorists spending too much time in too few dimensions, some of the recent developments are kinda cool. So I thought I’d try to summarize them.

## August 20, 2003

### Fit to Print

Since Anne got me to thinking again about such matters, I created an aural stylesheet for this blog and — while I was at it — a print stylesheet as well. The former, I don’t have a good way of testing (at least it validates and has legal attribute values, unlike some others). The latter works great in Mozilla and OmniWeb 4.5 (which uses the same WebCore rendering engine as Safari), but screws up horribly in Safari: all the printed font-sizes are way too large.

Alas, Dave Hyatt is probably too busy defending himself against big machers complaining that Safari “misrenders” crapola invalid CSS (styling crapola invalid HTML) to turn his attention to actual bugs in Safari.

Sigh

Update: I 'spose I should try installing EmacsSpeak on one of our Linux boxes to test out that aural stylesheet. It’s free — as in speech and beer — and actually supports all this newfangled (i.e. 5 year old) W3C technology. Maybe I’ll get around to that someday …

## August 18, 2003

### DSL Hell?

Twice in the past couple of months, I’ve had the opportunity to use a residential DSL service (one from Covad, one from PacBell). In both cases, it was pretty much consistent that the DSL connection would drop whenever the phone rang.

Now, if all you do is surf the web (HTTP being a stateless protocol), you might not care too much that your connection is perennially dropping and quickly being reestablished. But if you are trying to use any stateful protocol (ftp, ssh, …), that behaviour leaves you hosed.

It’s possible that I just hit upon two lousy installations (bad house wiring, improperly installed filters or whatever). What I’d like to know from the DSL users reading this blog (my logs say you’re out there!) is:

• Is this common behaviour with DSL?
• If it is, why would anyone put up with such lousy service? (Aside from the obvious, “I can’t get Cable Modem service in my neighbourhood.”)
Posted by distler at 12:13 AM | Permalink | Followups (7)

### Dutch Education

Anne van Kesteren has been educating me about my incorrect usage of CSS in this blog. In XHTML the <body> element does not fill the entire viewport. So, when I apply a background styling to it, the background also should not fill the entire viewport1.

My design, in which the background applied to the <body> did fill the entire viewport was an accident, due to a bug in Mozilla. The correct way to achieve the desired effect is to style the “root” <html> element.

Unfortunately, this will mess up in some stupid browser written by a corporation in Washington State. Anne proposed (comment 10; Anne: your comments really should have permalinks!) the following workaround

html, body {
background:#EEE url(/~distler/blog/images/LightBlueTexture.gif) fixed;
}
html>body {background:none;}

This sets a background image for both the <html> and <body> elements and then turns off the background for the <body>. It assumes that the set of browsers which can correctly style the <html> element coincides with the set of browsers that understand the child selector html>body. I’m not sure that’s true (IE 6 ?), but life is too short to obsess about broken browsers. I’m sure someone will let me know if the background is messed up in their browser.

Update (8/24/2003): According to Anne, who’s done some testing, this hack will only work in IE 5.0/Win if there are no spaces in the child selector html>body. Lord, I hate CSS hacks.

1Strictly speaking, the <body> element doesn’t cover the entire viewport in HTML either. But the CSS Spec recommends that, for HTML (but not XHTML) documents, the background of the <body> element be applied to the entire viewport anyway, so that it will work as expected legacy browsers (which don’t recognize styling the <html> element).

Posted by distler at 12:00 AM | Permalink | Followups (5)

## August 17, 2003

### Technorati Plugin Patch

Adam Kalsey’s Technorati 1.0 plugin is out. It fixes many of the bugs I’d previously complained about. Unfortunately, it still needs the following patch

--- MTPlugins/Technorati.pm.orig	Mon Aug 11 17:10:46 2003
+++ MTPlugins/Technorati.pm	Mon Aug 11 17:12:07 2003
@@ -100,7 +100,7 @@
warn('<b>The Technorati service didn\'t answer. It might be down.</b>');
return '';
}
-        eval { $content_tree = XMLin(@{$content}[1]) };
+        eval { $content_tree = XMLin(@{$content}[1], SuppressEmpty => undef) };
return $ctx->error("Error reading XML content:$@.")
if ($@); next unless (!$@ and ref $content_tree and$content_tree->{document}->{item});


to work correctly. I had sent this to Adam, along with my other patches. But I guess it never made it into 1.0; so here it is again.

Posted by distler at 9:07 AM | Permalink | Followups (2)

## August 13, 2003

### It’s a Wonderful World

The world is weird and wonderful place.

A few recent bits of evidence:

Posted by distler at 12:30 PM | Permalink | Followups (6)

## August 11, 2003

### I’m a Thief

We’re renting a condo in Solana Beach, California for the week. After settling in, I flipped open my laptop and it automatically connected wirelessly to the network. Totally seamless, totally effortless — exactly the way the internet should be.

Except for one thing …

The condo didn’t come with wireless internet service. The hotspot evidently belongs a neighbour and, in this rabbit warren of units, I have no idea which one.

Mr. X hasn’t taken any of the steps he could have to secure his wireless network.

1. Create a “private network”. This is a proprietary extension to the WiFi protocol, special to Orinoco cards (such as the ones used in Apple’s Airport). Since the base station doesn’t advertise its existence, you have to know the SSID to join the network.
2. Restrict access by MAC address. Only registered hardware can join the network.
3. Turn on WEP encryption. It’s weak encryption, easily broken but it is safe from casual attempts at access.

Any one of these would have prevented my laptop from automatically joining his network. Even taken together, they might not thwart a determined attacker. But I’m not a determined attacker. I’m just the guy on vacation renting the condo downstairs. And all I did (really!) was flip open my iBook.

So I’m not going to feel too guilty about this. Mr. X is paying a flat rate to Cox Cable for his bandwidth. He evidently doesn’t know or care whether his neighbours are able to “share” his connection.

Or maybe, like all those folks creating freenets and public-access hotspots, he’s just trying to be neighbourly.

Maybe…

### MathML and Accessibility

Recently, I joked that, whatever my efforts to make these pages Accessible, no Screen Reader in existence could handle MathML.

I was just joking, right? The W3C designed MathML with accessibility in mind. And everyone, including the W3C recommends it as the format for putting math on the Web accessibly. Theoretically, this makes sense. The alternative (rendering each equation as a GIF image) is almost the definition of inaccessibility. It doesn’t even rescale when you rescale the text. On the other hand, MathML, being a dialect of XML, should be infinitely manipulable with technologies like XSLT.

Surely someone has put the pieces together. After all, T. V. Raman (one of the original members of the MathML design group) is the author of ASTER, which converts TeX/LaTeX to audio.

Well, apparently not. There was a certain amount of optimism back in 2000. The University of Toronto had two projects going, MAB, the MathML Audio Browser, and an XSLT stylesheet to convert MathML to AFNL.
Neither project has posted an update in years, and none of the other projects I was able to track down via Google has gone anywhere either.

So right now, the recommendation to use MathML for accessibility is just … wishful thinking. I’m using it because it’s the only sensible was to put math on the web. But accessible? Not for the foreseeable future.

## August 8, 2003

### Numb

I’ve been in a bit of a state of shock these past couple of days. I wasn’t sure I could write about it, but since it is now all over the Wire Services, I might as well post a link.

I don’t know that I have anything sensible to say about this tragedy. So I won’t try.

## August 4, 2003

### Vote Early, Vote Often

In the wake of the Florida Debacle of November 2000, there has been a headlong rush to replace paper ballots with electronic voting. Unfortunately, what passes for security among the manufacturers of such systems is a “Trust us, our super-secret hardware has never failed yet!”

Eric Rescorla discusses [tip 'o the hat to Ed Felten for the link] the recent Johns Hopkins report on Diebold’s voting machines (widely deployed in Maryland and elsewhere) and Diebold’s lame response.

The JHU researchers found a large number of vulnerabilities, but I’d like to focus on what I think is one of the most serious ones: multiple voting. According to the article the system uses smartcards to identify voters to the voting machines. However, multiple voting is prevented by having the machine tell the card to set an “I’ve already voted” bit. Accordingly, if you were able to make multiple copies of a smartcard or a smartcard that ignored that signal you could vote as many times as you wanted.

Hacking smartcards (a well-established, and very sophisticated sport) sure beats registering dead people to vote.

It’s not surprising that State Election Officials remain enamoured of the devices. The worst possible outcome from their point of view is a scandal like the one that erupted around Katherine Harris and the Florida election results. Without the pesky “paper trail” of actual physical ballots — hanging chads 'n all — it’s a lot harder for that to happen. In the brave new world of all-electronic voting, even massive voting irregularities, through equipment failure or through hacks like the ones described in the JHU report, would likely go undetected. Which, alas, suits the interests of election officials better than it does the cause of democracy.

Posted by distler at 2:30 AM | Permalink | Followups (1)