Hardware Mozilla

The laptop saga

Many have noticed I’ve been a bit slow in the past month, and that’s because of the ongoing laptop saga. Here’s the readers digest™ version:

My laptop had 2 problems. The primary (big) problem is that it was corrupting known good hard drives within hours. In addition to that (as if that wasn’t bad enough) the LCD having a grayish area in the lower left corner and several dead pixels scattered on the lower part of the display. A quick call to Lenovo (formerly IBM’s PC Division), and they sent a box and took my laptop for repairs. It came back unrepaired. The hard drive still corrupted quickly and bluescreened on first boot. The LCD was fixed, but now lighter on lower half than upper half making it awkward in DOS like environments, and impossible for any real graphic work). Obviously another computers faulty display thrown in my laptop.

I called within an hour of receiving the unit, and another box was sent out and it was taken back again (can I collect frequent flyer miles for my laptop?), and came a few days later still crashing, but this time, the LCD wasn’t working at all (nothing at all). The only way I found it crashing was by hooking up my external display to it. I called them back (again within minutes of opening the box) and they agreed to send another box out to me, and take the system for a third repair (in a little over a weeks time I should note). I’m assured this is an isolated incident and it will be resolved promptly. I then sent an email IBM’s CEO Sam Palmisano (yea I know he doesn’t really read them, but it made me feel better) explaining the situation:

I’m writing to express my extreme displeasure in your warranty repair service. I own a IBM Thinkpad A31 (2652m5u). It was sent in the first time (case xxxxxxx) because it was continuously corrupting multiple known good hard drives and the LCD had a faded grayish appearance in the lower left corner. Phone support was helpful and sent a box. A few days later it arrived. The hard drive problem persisted, and the LCD was replaced, but with an obvious refurbished unit likely returned for being faulty. The lower half of the display was lighter than the top half, making it unusable for any form of graphical work. I called the same day and told them that this was unacceptable. I was sent a new box which arrived the next day, and sent the system back for repairs (case xxxxxxx).

Today my computer came back yet again. The hard drive was replaced with something that sounds like it’s on it’s death bed. Rather than the slick IBM/Hitachi 7200RPM 60GB drive it’s likely some refurbished unit. In addition I now have no functioning LCD! It appears the solution to the distorted color is simply to disable the display.

I have been a big fan of IBM products, learning to use computers on my father’s IBM PC (I believe IBM 5150). Though my experience these past few weeks has significantly changed my confidence.

I was hoping only to go a day or two back at college with no working laptop, but now I have at least one more week as it goes in for more repairs, and hopefully a fix.

I really hope some reevaluates the warranty repair service as it’s Quality Assurance is clearly nonexistent. My laptop is now going in for the 3rd time for what should be routine repairs. It only took me a minute or two to find problems each time.

A rather unsatisfied customer,
Robert Accettura

This is the Friday of Labor Day weekend. I get a call a few hours later (about 4:30 PM EST on that Friday of a holiday weekend, Lenovo is also in EST) from someone at Executive Relations regarding my email (she quoted it and noted the sarcasm in their repair strategy, so I know she read it). She immediately emailed me new DHL labels to send it to her facility (not Lenovo’s contractor Solectron), but DHL was done with pickups for the weekend. So on Tuesday it went away yet again. DHL screws up shipping and instead of overnight they ground ship it instead, further wasting my time. A few days later I get a call with the diagnosis from the technician, the finding was it had some bad RAM, and the video inverter card needed to be replaced. They were also going to replace the system board which could be faulty (IDE controller most likely would be my guess). As soon as that’s fixed, it should be good to go! Well, they replaced those as soon as they got the parts (overnight), but the display still wasn’t working reliably. So a new LCD was needed. No dice on getting it shipped back to me that week. A day or so later, that was decided to be back-ordered for a while, indefinitely.

So I’ve been offered a brand new laptop under warranty (rather cool), but unfortunately it’s a little back-ordered. I was initially told about 10 days, but it’s now looking more like 20. So I’ve got a little more to go before expecting my new laptop to arrive.

Because I have no laptop, I’ve been only online at home, and computer labs, not at school. My laptop was also my primary development system. Keyboard time needs to be used a little more carefully than usual since it’s more limited. I’m hoping the estimated shipping time is overestimated and it ships out early, so I can get back to normal quickly.

Moral of the story is repair centers really do stink, but at least in this case Lenovo picked up the pieces and is trying to make things right (despite the never ending complications). I think this case has encountered all the bad luck it could (back-orders, shipping issues, holiday weekends delaying things, cell phone reception problems, you name it). So hopefully soon I’ll get my new system and things will go back to normal. I’ve got a feeling my case is rather unique because of these factors, and not likely representative of a typical experience (and no this isn’t some disclaimer, it’s an honest opinion).

Overall, I loved my old Thinkpad, almost like a Mac. It was very well built, a bit heavy, but the quality was excellent. From what I’ve read my new laptop continues that tradition, and will hopefully serve me well for years.

So yes, I still read email, keep an eye on things, read bugmail (well some of it). Just a bit slow right now. It’s been a pain, but at least Lenovo is taking care of it. I’ll be back and working 100% hopefully in the near future. Hopefully that (briefly) explains what’s been going on in recent weeks.

Update: Zach is having a strikingly similar problem with Apple. I guess laptops repair/replacement just doesn’t happen very promptly lately.

Update 2: Zach is resolved. As of yesterday, mine hasn’t even shipped. 🙁

Update 3: resolved!

Update 6/12/2006: Added some clarification to a few things, as well as the note and some wording adjustments.

Apple Hardware

Apple’s Black Box

This is a rather interesting promotion. Think Secret has a decent rundown of what’s in the mystery boxes. These new units fix some really big issues with the mini (faster hard drive, more video ram in particular). That faster hard drive will make a big issue with performance on the mini. It’s a really cool system, I love it. My biggest complaint is 256MB’s of RAM it originally shipped with (now a better 512), and the 4200RPM hard drive.


Woke up this morning

Woke up this morning, went to my Enterprise Computing class (an amusingly basic programming class I was encouraged to take because it’s VisualBasic .NET), to do this silly problem where using a loop calculate how long it would take to pay for payment making wage per hour:

Private Sub btnCalculate_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles btnCalculate.Click
        ‘ Declarations
        Dim payment, wage, totalWage, hours As Single
        ‘ Get input
        payment = Val(txtPayment.Text)
        wage = Val(txtWage.Text)
        ‘ Do the magic
        hours = 0
        totalWage = 0
        Do While (totalWage < payment)
            totalWage += wage
            hours += 1
        ‘ Print the result
        lblResult.Text = hours
    End Sub

Yea, I feel really good. And yes, that’s supposed to be a loop. 😀 Well worth getting out of bed ;-). Got a good laugh out of coming to class to see that as the lab.

Internet Politics Software Tech (General)

VoIP Number Portability

Why does history have to repeat itself? It took years to get Number Portability for cell phones. Why isn’t there an effort yet to do the same for VoIP? There’s some discussion here on the topic. Do we really need to get to the point of an epidemic with people locked in to their current provider? Can we be pre-emptive about this? Some things just never change. VoIP numbers should be portable. It should carry on that internet tradition. I have a domain name, but I can take it to any web host I want. If one starts to stink, I can move it away without problems.

I’m pretty sure this will become a big issue at some point. I just wish someone at the FCC would take it on now rather than wait.

General Mozilla Personal

Should be the last few days offline

I’m expecting a fixed laptop this week, I think every possible delay has run it’s course, so I can’t imagine how anything else can delay it now. So once again, I’ll be somewhat offline and slow on pretty much everything. Next weekend a bit limited as I test the laptop out a bit, and hopefully I’ll be kicking some butt again next Monday. I’ll give a more detailed account of my experience when it’s all done, explaining the good and the bad (it’s a long story, trust me).

Internet Mozilla Web Development

Web 2.0 I can’t hear you

There’s been a lot of talk about what seems to be called “Web 2.0” lately. It’s this new renaissance of browser wars, new dot com’s coming about, users contributing content (blogs, wiki’s), more fluid applications using AJAX, rich media over broadband, and all that good stuff. Personally I agree, we are at a great time for the Internet. I barely remember the last time it was this good. Ideas are flowing, and technology is advancing. But how far will it advance?

Using newly discovered (though not new) technologies like AJAX, it becomes possible to make a web page feel rather fluid. Almost to the point of a good client side application. Using something like SVG (or more likely Flash as SVG is still rather new) you can get enhance that even further. These are great. When put together nicely, you get this wonderful complete application. Well not really. Since very early on, computers gave audible feedback. Apparently we lost that in Web 1.0, and haven’t fixed that regression in “Web 2.0”. We leave it to plug ins like Flash, or QuickTime, but is that really appropriate? I will suggest it’s not. Audio has been rather closely integrated to computing since the beginning from those beeps computers made when keyboards really clicked as you typed. Auditory feedback is part of a complete application (that error beep when you do something wrong in an OS for example). We don’t have that on the web.

Innocent Proposal

Yes, I am aware the below proposal will upset some people, but hear me out before attacking.

I propose the web push to make OGG or find some other open solution to solve part of this problem. Pre recorded audio that’s compact and patent free so web application developers can provide audio feedback to user problems. OGG has been used by games such as Unreal for some time, so it’s proved to be adequate in quality. It would be perfect for things like voice overs, music, and other pre-defined audio purposes.

Secondly, there’s a need for what is essentially MIDIXML, MIDI in XML format. Something that could easily be generated by a server using JAVA, PHP, PERL, ASP, CF, or what ever language and transmitted. Since XML can be gziped, it could be compact (though a slight latency for gzip reasons). Easy for anyone to generate it would allow for much simpler creation of audio than ever before.

Bonus points for text-to-speech on the web, which would reinvent this whole thing to a new level (imagine using simple XML-like markup to present a human speaking, from within a web application). Combine that with AJAX and filling out your taxes on line could be designed in a way that would be usable. You could get explanations while you enter data, dynamic forms adjusting so you only see what you need to.

If these two formats were included in browsers like we now are seeing with CSS support that finally has started to come of age, Web 2.0 would essentially be able to replicate a client side experience, minus the graphical abilities, though flash can compensate for part of that. Sound isn’t just a frill, it’s partially accessibility. Audible feedback is a good thing. That’s why cars do it (in addition to that light on your dashboard), and aircraft as well “Pull Up!”. Even my cell phone is capable of audible feedback (key press sound, ringing, photo taking, etc.). Yet my computer can’t really do audio when online.

There is an annoyance factor of course (we all hate loud websites), but that could easily be compensated for by a good browser UI which could feature volume controls, including a mute capacity. Ideally plug ins would respect that setting so that the experience is clean and simple. Perhaps a way to have visual notification when audio is used if the user has it muted. This would mitigate the annoyance factor while providing for audible feedback.

Why not plug ins? Because they don’t standardize. We’d never get the penetration that you can get with standards. Look at video, there is still a complete lack of standards between players and codecs. Imagine if CSS was only available with a plug in. Do you think the entire web would download the CSS plug in? No, not likely. The penetration Flash has had is unique, and not likely to repeat itself, so that’s not even an argument. It’s one front the browser has no hand on. With video the browser at least has GIF support (which is on occasion used for things like webcams), it supports, images and text natively. But really no audio support.

Imagine a web application that could verbally explain a form to you (filing out taxes online?), or the ability to have a service like Gmail open in a tab, and get notification of a new message via audio. No javascript alert(). Imagine an online store with complete audio support (so far we really have only iTunes, which is proprietary).

Audio on the web has been misguided for a long time. I think Web 2.0 needs to address this. Audio is a part of computing.

The web is capable of so much, but it only touches 1 sense. If the web reaches 2 senses it doubles it’s potential. Perhaps in a few years I’ll be able to suggest SmellML or TouchML or TasteML.

Mozilla Software

Firefox and Security

ZDnet’s George Ou recently blogged about Firefox Security that raised a few questions in my mind (that he didn’t mention). I’d like to go over them briefly:

Is it possible to write a secure program (other than a “Hello World”)?

I’ll go on the record saying there is no such thing as a secure web browser, or any large program. It’s just not possible, at least right now (who knows what great secure programs we’ll have when the apes take over and enslave us). If you look hard enough you’ll find some vulnerabilities even in OpenBSD. Why? Studies have shown programmers make quite a few mistakes (isn’t that obvious?). In most cases these bugs are obscure “outlier” cases where 99% of users never see. Of those a small percentage are security vulnerabilities. As with anything there are degrees of severity (hence security vulnerabilities are rated). Many may never be experienced. But a few are found by accident, and a few by malice.

What is security, and how is it graded?

My big question is how do you grade a products security? It’s clear the industry as a whole doesn’t have a clue how to do so. Right now software security is an informal process of yelling “I found one” and posting a message showing the exploit. I personally believe a few things come into play when discussing if a product “is secure”:

  1. Response time for patching – does the creator issue a patch quickly, or do they take forever to acknowledge and fix the vulnerability.
  2. Box Install Security – how secure is the product “out of the box”? For example, OpenBSD is very secure out of the box, but I can still install a whole bunch of vulnerable software on it. Then who is at fault? Does that make OpenBSD less secure as a platform?
  3. Vulnerability vs. Exploit – just because there is a potential (vulnerability), doesn’t mean there is a will or capacity to do so, or someone already taking advantage (exploit). I’d much rather have software on my computer with 10,000 vulnerabilities than 1 exploit. I think most users would make the same choice should they be given it. We’d prefer 0 and 0, but we’ll take vulnerabilities over exploits.

How does Mozilla Firefox/Thunderbird rate on the above?

Well, lets go through each metric and discuss it briefly:

  1. Response time is rather quick typically (at least from what I’ve seen). It will get faster with Firefox 1.5, since patches can be deployed to Firefox users quicker. The quicker the user base updates, the less attractive an exploit is. Right now it’s not as easy to keep people up to date. They technically re-download the entire browser, which is somewhat slow, and turns people off. That’s not good. But the new update system is good.
  2. Box Install Security – this is a somewhat more complex issue. I’d say Firefox is rather secure out of the box, at least relative to IE since it doesn’t have ActiveX. It does have a platform for extensions, but any extension available from the installer (limited to DOM Inspector and [my child] Reporter) are clean. After that, it becomes the user’s responsibility to download from reputable developers (just like you would for any other download). IE technically does have an extension system (we see that with browser addons such as Google Toolbar), and is subject to the same principle.
  3. Exploits – I’ll leave it to you to check how they compare to their competition.

So is the honeymoon over?

I don’t think there ever was a real “honeymoon”. Since the beginning the purpose of was essentially (copied from the Developers page):

Developers can help Mozilla by fixing bugs, adding new features, making Mozilla smaller and faster, and making Mozilla development easier for others.

The emphasis is mine. It’s appreciated when people find bugs and vulnerabilities. To the degree of a $500 bounty on security vulnerabilities. So finding vulnerabilities means the honeymoon has finally arrived (if you want to look at it that way). The good thing about vulnerabilities is once they are patched, they won’t become exploits (unless the patch is ineffective for some reason). Similar to law enforcement getting tipped off about a robbery and acting on it. That’s not bad, it’s good, assuming your information is timely and accurate, and law enforcement is effective.

Again, it’s important to note the difference between a ‘vulnerability’ and an ‘exploit’. Technically every computer ships with a vulnerability: your keyboard and monitor. People can spy on you, and alter your data. Yes, it is a vulnerability. It’s #1. Is it feasible to fix? Likely not (though you can limit the effects by not working on sensitive info with people around, and locking your computer screen when your not in front of the keyboard). Exploits are what I’m personally afraid of. Thankfully none have really hit Firefox just yet. With the release of Firefox 1.5, and the new update system, it will be much easier to limit any damage an exploit could cause with easier updating to remove vulnerable systems.

Is there a lesson of the day?

I’d say there is a lesson. Keep your software up to date. No code is perfect, nor will it be anytime soon. If your up to date, you have the best defense out there. By choosing a product which has the best security model design , and keeping it updated is the first step to a secure computer. Obviously a virus scanner is good too. Personally I believe Firefox has a more secure design by not being so “friendly” with the OS, and not supporting ActiveX, but regardless of your choice, keep it up to date. I’m sure the IE team will agree that’s the single most important thing you can do to stay safe. Run the latest release version.

I’m personally surprised that in 2005 Apple and Microsoft still don’t have a method for software developers to register their products to be used with the default updating mechanism in the OS. It would be ideal if the OS could track updates for me and keep my system up to date. They only work for software from the OS maker. There are third party services for this (VersionTracker), but none in the OS itself. Instead we have a patchwork of updating mechanisms for products. Each work differently, and it’s a confusing mess. But that’s a topic for another day.


Google Blog Search

Personally I think RSS feeds [sample] are the best feature of the new Google Blog Search. Now how long until they are in web search?

In The News Internet

Ebay Buys Skype

Please oh please don’t ruin it like you did PayPals. Well, the news is out, eBay is going to buy Skype. For some reason, I have this belief that eBay will either stop letting it continue development (like PayPals seems somewhat frozen in time), or just start crippling it so people use the pay service (which I won’t). Would have been great if Google bought them, which I’ve been hoping for a while.


The weekly routine

As is now sadly routine, I’ll be a little slower in replies over the next couple of days, while waiting for my laptop to be repaired. I do expect it to be done this week as it’s in what should be competent hands (though Hurricane Ophelia is the latest thing threatening to delay it as it’s being repaired in North Carolina). My goal is to have a 100% working laptop on my desk at the latest by Friday morning. We’ll see how that goes. All I know is this is going on way to long.

Oh yea, DHL stinks. Instead of NEXTDAY service as the label suggests, they decided to ground ship it anyway (costing me an extra day). On the phone I was asked “Is there anything else I can do for you?” Yea… deliver my laptop! Between that and Labor Day on Monday, that basically wasted last week. This week a hurricane threatens it. Already had 2 failed attempts to repair it. Seems there’s a bipartisan conspiracy against me. I’ll detail this whole ordeal more when it’s done.

Tip: good customer support is worth it’s weight in gold. Having a good product, and poor support really lowers the value of the product. We’ll see how this ultimately pans out, but I’m starting to loose the little patience I have left.

Cross posting to Mozilla so this gives the heads up to those wondering why I’m not reading bugmail as often as I should.