" /> CTDATA: February 2001 Archives

« January 2001 | Main | March 2001 »

February 27, 2001

CTDATA Network Services Outage on February 27

Due to an operator error, network services to ctdata.com, rcnj.org, gcf-inc.com, aaharefs.org, and mvp-consult.com were disrupted from approximately 8:00 to 9:00 pm, Eastern Standard Time. All services have been restored. We apologize for any inconvenience that this outage may have caused you.

February 22, 2001

How Snow Shoveling Teaches Lessons About TCO

Dave Aiello wrote, "In my last sermon on the topic of home maintenance, I talked about the aerobic benefits of snow shoveling. Today, the New York Metropolitan Area got hit with another snow storm, so I thought I'd revisit the topic."

"Nothing teaches you about Total Cost of Ownership (TCO) like manually performing processes that can be automated. Home maintenance tasks are also great metaphors for maintaining an Internet infrastructure. You could pay for a service to come plow your driveway, or mow your lawn, but you choose to do it yourself. And, in the time it takes you to perform the task yourself, you wonder: 'Do I really need the decorative bricks around the garden in the front yard? After all, it's quite difficult to trim the grass around the garden.'"

"Of course the answer is no. If you take the bricks out, you can edge the garden properly. The newfound ease means that you can edge it everytime you mow, not just when you have nothing else planned for the afternoon. And, arguably, the garden looks better."

"Until I started thinking in these terms, I simply could not relate to many of the system administration admonitions I had heard in the past. I used to think, 'CTDATA doesn't have 100 machines, so why do we need a standard OS build? We can just repeat a documented hardening process on each machine after we install the Linux distribution.'"

Dave Aiello continued:

But the truth of the matter is, and we all know it, that no two installs come out exactly alike, even when all other aspects of the environment are equal. We pay the price everytime we run into a situation where we find a meaningless configuration difference between two machines. We have to think a lot harder about defending a box against hackers when knowledge of the configuration is not intuitive.

But, the biggest thing that mowing your own lawn teaches you is that you should not accumulate more lawn than you need. The equivalent idea in system administration is to run as few boxes as you can to safely and reliably handle your services and users.

When CTDATA first became a bit successful, I had a tendency to buy more computers and deploy more services than I could easily maintain with the staff I had available. I even went so far as to buy a system for development use and not properly install it until 10 or 11 months later. This is so wasteful of corporate resources, it almost makes me sick.

Looking back on my life so far, my father proved that he understood Total Cost of Ownership without touching a computer. Whenever I came up with an idea to make the house that I grew up in "more distinctive", he would point out the implicit cost of maintaining whatever I suggested.

I can't really fault him for not relating this to what I decided to do when I grew up. After all, the teachable moments in a relationship like father and son often occur early in the son's life. But also, I think that my father has a difficult time relating Web Sites and their upkeep to everyday tasks in the real world. Come to think of it, at times I do too.

It was the five or six opportunities I had to shovel the driveway by hand this season that brought it all together for me. When I reached the point where I was two-thirds to three-quarters done shoveling, I remembered the wisdom of my father, and related it to the tasks I perform everyday.

February 19, 2001

How Important was Dale Earnhardt?

Dave Aiello wrote, "We would be remiss if we did not acknowledge the passing of Dale Earnhardt as a result of injuries suffered in a crash in the Daytona 500 on Sunday. Our sympathies go out to his family, friends, and fans."

"Many so-called Popular Culture Web Sites are grasping for an explanation of the outpouring of grief at the death of Dale Earnhardt. Plastic.com cannot seem to bring itself to call NASCAR a sport without placing the word in quotation marks. Auto racing seems to get about as much respect as ice hockey does, from people who have never been exposed to either sport. Both sports are treated with contempt by people who feel that interest in them correlates with either a lack of education or low income."

"Yet, evidence of the impact that Dale Earnhardt had on society continues to surface. What do the cynics do when they find tributes like the one that North Carolina Governor Michael Easley's staff posted to his official Web Site? Remember, this is the state where Red Hat and SAS are headquartered."

"Clearly, auto racing is a part of the Southern culture and, to some extent, rural culture across the entire United States. It is worthy of respect, even as it searches in earnest for long-overdue safety improvements. We do not love racing, but we are smart enough to respect it, and to recognize one of its greatest champions of all time."

Chiquita to be Acquired by Consolidated Fruit?

Cornelius and Max are cautiously optimistic about a Wall Street Journal report that Consolidated Fruit may increase its stake in Chiquita Brands. Chiquita owns one of the most well known brands in consumer marketing history. Although the brand is not likely to go away in any event, we would support structural improvements to the business. If that means acquisition by Consolidated Fruit, so be it.

February 16, 2001

Seattle Experiences Biggest Snow Storm in 6 Years

Martin O'Donnell reports that he awoke in Seattle today to find the largest snow fall since 1995. Nice to know that some other region of the country is experiencing their fair share of winter this year.

Customers in Support Roles Should Register as Users of ctdata.com

Several of CTDATA's customers have individuals who serve as primary contacts when there are service outages or system enhancements. We recommend that those individuals register as users of the ctdata.com Web Site and subscribe to the Daily Headline Mailing.

The Daily Headline Mailing feature sends the headlines of stories posted to the ctdata.com home page in the last 24 hours. All customer service messages are routed through the home page, in addition to appearing on the Customer Service section page. Therefore, subscribers to the Daily Headline Mailing will automatically receive customer service advisories in a timely manner.

To register as a user, follow the instructions on the User Account page. Once customers have successfully registered, an email will be sent to them providing a password for the Web Site, as well as instructions for subscribing to the Daily Headline Mailing.

Why We're Paying Top Dollar for Our DSL Circuits

Dave Aiello wrote, "Although CTDATA uses T-1s to connect its servers to the Internet, the connections we have in our offices themselves are Symmetric DSL (SDSL). We use UUnet, a unit of Worldcom, as our ISP for DSL circuits."

"For a while now, we have considered switching to a less expensive ISP. But, we have decided not to do so, in light of the problems that Covad Communications has had collecting from ISPs that provide very low cost DSL services. This strategy is validated by reports on News.com that the Santa Clara (CA) County Superior Court ruled that Covad was within its rights to deprive DSLnetworks of service because they failed to pay bills presented by Covad."

"There is no doubt that this will continue to be a major issue in the market going forward. We should expect Competitive Local Exchange Carriers like Covad to refuse service to other delinquent ISPs in the future. Some of those ISPs will not be able to come up with the resources to pay past due bills."

Dave Aiello continued:

The risk of doing business with Covad will remain high for the foreseeable future, due to the possibility of Covad's own bankrupcy. But, the most likely short term scenario, in my opinion, is that Covad walks away from customers who are using delinquent ISPs.

Therefore, we urge our clients who have individually arranged DSL contracts to evaluate the credit-worthiness of their ISPs. You should change ISPs as soon as possible, if your ISP is not current on its payments to Covad.

February 14, 2001

Stop the Presses! Groks the Power of Email - Web Site Integration

We are a little behind in our reading, but we want to point out the February 7 edition of Stop the Presses!. The column, entitled "E-mail Your Audience Anything They Want" really nails the idea behind using email to drive traffic to a news-oriented Web Sites.

Steve Outing wrote, "With e-mail delivery of granular content, subscribers' interactions with the news organization are daily; they see the content and the associated advertising. And each piece of e-mail is a reminder to the online user about other content on the Web site, which encourages more Web site traffic. 'We need to get people to use (news Web sites) a lot better,' Dupont says; e-mail is part of the answer."

This article is aimed at newspaper Web Sites, but, we intend to put many of these features into practice as soon as possible on our most active Web Sites, ctdata.com and rcnj.org. We expect that the RCNJ Web Site will benefit particularly from mailing headlines and articles to its users.

Perhaps we can add features to Slashcode version 2.0 (aka Bender) that implement these ideas.

February 9, 2001

CTDATA User Account Password Policies

The other day, Mary Kuykendall asked what the restrictions are on changing user passwords on the servers operated by ctdata.com. We decided to publish the password restrictions on email accounts under the ctdata.com and gcf-inc.com domains.

Since authentication for the AAHA Officiating Program Member Database comes from the same source, these restrictions also apply to that application.

Read on for more details....

When changing your email password on ctdata.com or gcf-inc.com, or changing your access password on aaharefs.org, the following restrictions apply:

  1. Your password must be at least six characters in length.
  2. Your password must not be the same as any of your last 6 passwords.
  3. Your password expires 90 calendar days after it has been issued, unless you change it. Each time you change it, it will remain good for 90 days from that date.

When attempting to log in to these resources:

  1. Your account will be locked out after 10 failed login attempts within a single 10 minute period.
  2. Your account will remain locked out for 60 minutes, once it has been locked out.

Please note that nothing on this page is applicable to the Slashcode-based Web Applications on ctdata.com and rcnj.org.

Please contact your system administrator with any questions about these policies.

February 6, 2001

Disable JavaScript in Email to Avoid Disclosure of Message Contents

In light of the reports circulating around the Internet regarding the major mail readers' mishandling of JavaScript in messages containing HTML, CTDATA recommends that all customers disable execution of JavaScript in Email messages.

Read on for more details....

JavaScript may be disabled within email read by Netscape Communicator as follows:

  1. Choose "Preferences" from the "Edit" menu.
  2. Click on the "Advanced" item on the left hand pane of the Preferences window. (It is not necessary to expand the "Advanced" item to reveal the items beneath it in the hierarchy.)
  3. De-select the check box labeled "Enable JavaScript for Mail and News".

CTDATA does not recommend use of Microsoft Outlook or Outlook Express because those mail readers have been exploited repeatedly by viruses and trojan horses. In spite of this, we shall provide instructions to disable JavaScript in Email messages. Those instructions are not available at this time.

Users Thwarted in Attempt to Report HTML Mail Security Flaws

Wired News is reporting that a programmer in British Columbia found security flaws in the way email containing HTML was handled by Netscape Communicator and Microsoft Outlook. Although this discovery took place in 1998, Microsoft and third parties that tracked bugs in their software, deemed this problem "a privacy issue, not {a Microsoft Windows} problem".

The Wired News article is a pretty damning assessment of NTBugTraq, if the alleged response from the moderator of that mailing list is indicative of situations that they are willing to ignore. A lot of people within the Linux community are thought to be obsessive about security concerns. But, another interpretation is that they are "the canaries in the coal mine".

Winter Weather Finally Returns to New York City Area

Dave Aiello wrote, "Despite the fact it took me 4 hours and 20 minutes to get from New York City to Denville last night, I am pleased to report that we are experiencing a real winter in the New York Metropolitan Area this year. I have not bothered to measure the snow fall exactly, I'll leave that to others. I estimate that 15 to 18 inches of snow fell in Denville yesterday. For the entire season, I'm sure that we have recorded the most snow since 1996."

"In order to stay in good physical shape, I decided to do as much shoveling as possible around the house where I live. I have shoveled this winter for perhaps 10 hours in total. That seems like a lot to me. Last night, I started shoveling at 9:00 and finished around 11:00pm."

Dave Aiello continued:

The best discovery this winter, from a quality of life perspective, has been that we seem to be able to prevent problems with water in our basement when we get rain after heavy snow, or we get run-off from melting snow. The solution has not required us to regrade the driveway or install a great deal more drainage (as we thought). It simply required us to shovel all of the snow off of the paved areas of our property.

We got this understanding by pure luck, because I was looking for an aerobic alternative to running when the sidewalks are covered with four or five feet of snow which has been plowed off the adjoining street. What a bonus!

February 5, 2001

Slashcode Installation May be Greatly Aided by Apache Toolbox

Dave Aiello wrote, "One of the best ideas I got last week at LinuxWorld Expo came from Brian Aker of the Slashcode Project. He recommended that I use Apache Toolbox to cleanly install Apache and all of the other components of the suite required to run Bender or Slash 1.x."

"Today, Dave Winer mentioned Apache Toolbox on Scripting News. This was a good reminder to me to post an article about it on our Web Site."

"I am going to try to use Apache Toolbox on my first Bender installation, which I hope to perform sometime this week. I will post the results of this installation once I do it."

February 2, 2001

CTDATA Web Mail Upgraded to Handle HTML Messages Better

Dave Aiello wrote, "Users of CTDATA's Web Mail Service please note that we upgraded from Endymion MailMan Standard Version 3.0.20 to MailMail Standard Version 3.0.30. The primary effect that this will have on you is that you will be able to read more types of messages that contain HTML than you could before."

"Although this upgrade will solve a number of display issues, it will expose other problems with the appearance of some messages. Now that the Web Mail service can handle more types of HTML-based mail, you will be able to open some types that retain the bulk of their embedded graphics on a remote server. Since we run our Web Mail over SSL, the secure server will not display those remote graphics for you. There is no planned work-around for this."

"Remember that we operate this Web Mail service as a convenience to our mobile users, and not as a substitute for your full-featured mail reader."

Dave Aiello continued:

Users with an interest in technical issues may be interested in the Endymion Mailman Product Revision History which discusses the bug fixes and new features between 3.0.20 and 3.0.30. We were not aware of the periodic changes that had been rolled out, and we will attempt to monitor their site more closely in the future.

Please let me know if you have any comments or questions. We would greatly appreciate any bug reports. Please send them to webmaster@ctdata.com.

Is Yahoo's Integration of eGroups Finished?

eGroups users have probably noticed by now that Yahoo! has acquired the company, and it is now called Yahoo! Groups. This is probably a win-win situation for the two of them. But, a question that lingers now that the integration appears to be underway is, have they finished yet?

Here are a few reasons why we ask the question:

At least two of the three observations listed above are easily fixed. It's also not clear if there is any demand for consolidation of Yahoo! Clubs and Yahoo! Groups. But, it strikes us as strange that the integration of eGroups has been done in a way that seems unfinished. This is not the way Yahoo! typically does business, in our opinion.

Follow Up on SportBrain, After One Month of Use

Dave Aiello wrote, "A couple of weeks ago, I posted an article about SportBrain, a small wearable computer that helps measure the tacit physical activity in your life. I have been wearing SportBrain on my belt during my daily travels for about a month now, and I wanted to report on the results."

"From January 3 to 31, travelled about 115 miles on foot. I'm surprised that I walk an average of more than 4 miles a day, but maybe I shouldn't be. Many days, I visit clients in New York City and since I use mass transit, I find myself walking significant distances to and from PATH stations and New York City Subway stations."

"I think that many people would get a more accurate picture of their total exercise picture if they owned and used a SportBrain. I'm planning to keep using it."

SatireWire: Linux Community Agrees to Disband

Dave Aiello wrote, "Hemos on Slashdot pointed out this SatireWire article about the Linux Community deciding to disband after receiving reports of its impending doom pronounced by Microsoft executive Doug Miller in an interview with Wired News that really took place."

"I think SatireWire's piece is quite funny, but they missed an opportunity by not quoting a member of the BIND project. This is the project that maintains the most widely used DNS server on the Internet. Send me an email if you don't understand the point I'm trying to make."

February 1, 2001

Pyra Lays Off Employees, Keeps Blogger Running

Our friends at Plastic.com are reporting that the company that operates Blogger has laid off all of its employees. This is a surprise to some because many people in the industry know that Blogger has 75,000 registered users, many of whom remain active on the automated site.

Beyond all the other obvious questions about what this means for the industry is a practical question: can Evan Williams keep his servers running by himself?

Slashcode BOF Session Takes Place at LinuxWorld

Dave Aiello wrote, "Last night, I attended a Birds of a Feather (BOF) session on the Slashcode publishing system at LinuxWorld Expo in New York City. This session was attended by members of the core group of Slashcode maintainers, a few people interested in installing or hacking existing Slash sites, people who maintain Slash 1.x-based sites, and people who have forked from the current or previous distributions. (A lot of people reading this are totally lost now.)"

"I had never been to a BOF before, so I was interested in what they were like. After being at one, I am not sure that they are all the same. At this BOF, the people who consider themselves the maintainers sat or stood in front of a conference room and took questions from the people who considered themselves visitors. The BOF was moderated by Brian Aker who operates under the handle Krow on Slashdot and Slashcode."

"I had never met Brian before, but I thought he did a good job leading the discussion. The other members of the development team who attended chipped in with comments from time to time. In that way, I wish that the session had been more peer-to-peer oriented. It would be nice if I could remember exactly who was there. But, I was not able to associate names with faces to the extent that I had wanted prior to the session."

Dave Aiello continued:

One of the most refreshing parts of the discussion was the core developers' belief that Slashcode is a content management system. This is something that we have been arguing on this Web Site for many months. There is nothing inherently superior to Slash in the design of Vignette or Interwoven. These platforms have huge marketing resources behind them, and they have been adapted to more corporate purposes due to the vast amounts of capital their customers have paid to license them.