Important updates from Microsoft (KB970653)

I’ve been on vacation for a couple of weeks, trying first to battle the Evil Overlords (details on that later) and then spending some time at the beach (and yes, that’s the actual beach.. ) but this afternoon, when I laid my sunburned hands on the keyboard, I encountered the friendly (and highly obnoxious) icon in the system try telling my that I had new updates for my Vista system. Including one “Important” update for windows, and two “recommended” updates.  I thought that was a little odd, since I’ve just installed a bunch of updates a couple of days ago. Every time I install updates it\s a pain because I have to stop everything I’m doing and restart my machine. So it was with some trepidation that I clicked the system icon, and sure enough, it told me I would have to restart after I apply these changes. Yuck.

Well it doesn’t do to leave your system unpatched, I thought, and if Microsoft has updates for my machine, and labels them “important” I should probably install them right away, right? Especially if they have gone out of their way and released a second update package in the same week, got to be crucial.

Not so much. Turns out that KB970653 – the update in question – was an update to the time zone feature in my windows system. Apparently the people at Microsoft were so worried that I’d get the time wrong on my system that they felt the need to push out a special update package, and make me restart my system, just so that the timer wont be off.

Now I agree that the system time functions are important, especially if you are running database systems or servers. But for most of us, simple mortals who just use our computers for everyday life. Is all this hassle really necessary? Couldn’t this wait for the normal Update Tusday cycle? It makes me wonder what other junk Microsoft pushes down the pipe just because no one actually bothers to check if those “important” and “critical” updates really are all that crucial. Those of use who were around a few years ago probably remember Microsoft’s “Critical” update KB833404 that was put out in 2004 for every MS Office product there was. You’d think that a “critical” update for ALL of Office meant that they found and fixed some gaping security hole or something, but no, that critical update did nothing more than remove two swastika symbols that ended up in the wrong font. I’m not making this up.

Personally, I opted not to install the important update just yet. When I’m done with my vacation, and the laptop gets shutdown anyway so I can take to work, then I’ll do it. Until then I will stay with me, alas, not accurate time zone info. In the meantime, if anyone in Microsoft is reading this, I’d like to offer one thought: Before you randomly label updates as important and critical, you might want to take a moment to re-read the story about the boy who cried wolf. Not every update deserves panic mode treatment. Thanks.



Side Channel attacks

Last month I attended Cryptoday 2009 – a workshop on cryptography and security hosted by the Computer Science department of the Technion. Amongst the lectures there was one by Prof. Moni Naor of the Weizmann Institute that focused on the feasibility of, and defense from, certain kinds of attacks on security that circumnavigate traditional encryption by attempting to read information directly from the physical medium. Attacks which are known as “side-channel attacks”.

I’m mentioning this because the June issue of Scientific American Magazine published a really interesting article on the topic titled “How Hackers Can Steal Secrets from Reflections” which explains this kind of attack in a simple and interesting language. It’s a little far fetched, but well worth reading.


The epitome of gimmick

*** The original address for this post is If you read this post anywhere else, it means: A. It’s stolen.  and B. You read some mighty boring sites (That would steal THIS). 😉  ***

I haven’t had much time to update in the past couple of days (lots of fun Java work) but I wanted to share a small site which I think is a serious contender to the “Epitome of Gimmick” award:

The concept is simple: Darkness takes less energy than light, therefore, if we make our screen entirely black, it will take less energy than if it were white (like Google).

It’s a gimmick for two reasons.

A. Depending on your screen, black may actually take more energy than white, and

B. If you had said this five years ago, people would have looked at you like you’re nuts and asked you if you didn’t have anything better to do. If you say it five years from now, people would look at you like you’re nuts and ask we don’t you invest your energy in some REAL energy saving solutions.  But now, right now, people are already concerned enough about the environment to listen to things like this, and clueless enough to actually follow them. This leads to a site which has no distinction other than its color scheme becoming a major destination on the Net.

Something that isn’t special, but has something that looks special enough to attract your attention. Yup, that a gimmick alright. 🙂 Personaly, I’m waiting for the IPhone app that would blacken the touch screen…

Ok, Back to JavaLand.


Fair use vs Piracy

I mentioned a week ago that a certain site seems to be stealing programming-related content from several blogs including my own. I took it upon myself to notify the two other people who’s blogs I found and telling them too, and so I was delighted to hear from sriram chewsthefat – one of the two – who wanted to know how to lodge a complaint against the site in question. Sriram: Due to the fact that the site doesn’t have any email or contact information, I ended up lodging a complaint with their HOST company, called You can find exact directions on how to lodge a complaint at Good luck.

During the course of the week I discovered yet another site which was stealing my posts: (You might notice that the headline sounds awfully familar..) Yet, I don’t mind this one nearly as much, for a very simple reason: Whoever copied my post put a link to this blog at the bottom of the page. They didn’t pretend that they wrote my blindingly witty comments about the IPhone, they attributed them to the source.

That’s the small but oh-so-curcial detail. Above all else, a writer want to be read and recognized. When I write a piece about facade classes, of java Strings, or even why IPhones suck, I want who ever reads is to benifit from it, and I want that person to be able to respond to me. I don’t really care how a person found my words. I care that he finds them, reads them, knows who wrote them, and occationally write something back. Nothing is more exciting to a blogger then comments (hint hint) , so when a site uses my words but strippes out my name, that’s piracy, and it makes me mad. Where as a site that links back to me will never hear me complaining. And why should I? They’re just helping advertise my blog, it’s fair use. And if they make money in the process, well… I’ll chuck that up to advertising fees. 🙂

Good weekend,


P.S., On the same topic, check this out:

Being Spammed as a way of meeting new friends.

I mentioned in my previous post that a certine site seems to be stealling content from my site. And not just mine, incidentally, I found two more victims: (Post:differences-between-software-development-and-software-engineering) (post:/a-simple-logic-for-swapping-values-of-two-variables-without-using-temporary-variable-or-pointer)

Beyond being annoying and kinda pathetic, the problem that any blogger has with their posts being stolen is that it may result in lost readership from people who might have otherwies read to post in it’s proper place on the blog. So once I discovered that my posts are being stolen, I looked to see if there are any comments on them that “belong to me”.

While I’m happy to say that I didn’t find any real comments, I did find one spam comment about a money making scheme through Google. The whole thing wiffed of a scam from the get-go. I LOVE scams, and consider them some of humanity’s greatest work of fiction and innovation, so with a little screat throb in my heart, I clicked the link.

The scam itself was pretty basic, and a quick search for the guy’s name revealed a really neat site explaining the makeup of a scam page in detail, which was very interesting. But what caught my eye was the third link in the search result: a woman asking the guy from the scam page to stop spamming her. The synopsis was cute and witty, so I clicked on the link and discovered Clara Todd from Cambridge, UK,whose blog Anglodoodlge, managed to cram posts about the IPhone, a chicken coop, Poetry, and Bra sizes all in one page of posts. And make it funny, on top.

The kicker is, of course, that I would have never found Clara’s blog if we weren’t both (in a distant way) targets of the same spam. Seems to me there’s a new startup company here waiting for someone to start it: “Tell me who spams you and I’ll tell you who your friends are”. Could be the next big thing…