Anyone that puts an important file with an encrypted password on more than a dozen computers, with permissions of the file being world-readable, doesn’t really understand the ramifications involved.

Since then, I have been trying to “crack” the password through regular means.  Given their usage pattern, I’m fairly certain the password is 8 characters long, at least one capital letter, one number, and one special character.  Sadly, only that much information probably won’t be enough for me to crack it without throwing more compute power at it.  The tough part is that its a salted hash, so I can’t really use Rainbow Tables, and I’ve already tried dictionary attacks with Webster’s Dictionary.  So, I’ve resorted to brute-force automated guessing.  JTR seems pretty good at this, but even so it will probably take months to obtain the plaintext password.  It has been running for 11+ days so far.

The encrypted password in question is: {SSHA}KZhA0wzX4AThn9CkxBgYDmmy42pNY9ME

Salted SHA-1, of course.  If you know encryption algorithms, you already know what this is likely used for, but I won’t give that away.  I won’t tell you what its used for, or who it belongs to, or what you might do with it once you’ve cracked it, suffice to say the plaintext password in the wrong hands could cause some damage.

If you know of a quick way to crack such a password, other than what I’ve tried so far, drop me a line.

Not just oh-we’ll-find-a-way-to-fix-or-deal-with-it bad, we’re talking a downward spiral that slopes deeper the further we decline until we have reached “terminal velocity”.  The bottom is not yet in sight.

Why?  Well, I’ll tell ya why…  in a minute.  First, I’ll put things into perspective by shedding a bright historical light on the subject.  This is not to mean that the history of email is dark or bad — but the present state of email certainly is, compared to its early days.

Email (not E-mail, since words that are introduced into the English language are often comprised of multiple words that stand on their own, separated by hyphens, normally lose their hyphens as the new words gain wider acceptance) as we know it today, was originally created in the early 1970’s, purely as an experiment, though in a slightly different form.  To put this into proper context, we’ll go back just a bit further. Email (at this time E-mail, or “electronic mail”) only existed in self-contained systems.  People would log into one specific machine (a time-sharing device, which was basically a big expensive computer that a group of people shared at different times) to perform their work, and would occasionally leave messages for one another to read whenever the next person would log in again.  This concept of “self contained” email would eventually evolve into other implementations of the same use — such as Microsoft Mail, which was designed as a central system, namely in an office building, that people would use to talk to only other people in the same office.  I digress…  but, even in its first use case, Email (and E-mail) was used as a convenience.  Some would say, a luxury tool — to save people from leaving yellow sticky notes somewhere, or picking up a phone to talk to someone that may not have time to talk to you.  In tech-geek-speak, email is asynchronous communication:  I can talk to you as much as I like, and you can reply back to me, but it is pure coincidence if we happen to talk to each other at the same time  (there is a variable delay between one person talking and the other person replying).

From being an easy way to leave messages for other people sharing the computer, it turned into a way of leaving messages for people using other computers — no longer “self contained” email, but networked email.  At this point, email diverged into two uses:  local “self contained” messaging on one computer, and “networked” messaging.  The two remained distinct for quite a while, as there were people sharing central computers that had very little need to communicate with people sharing other computers, yet there were people that had a valid need for such distant communication even if “distant” meant “the computer right next to mine in the same room”.  Still, it was viewed as leaving an electronic sticky note on the screen for whenever that person logged in again.  As such with StickyNotes, eventually the glue on the paper dries and at that point it no longer sticks to anything, falling off the surface to become lost when the cleaning lady vacuums the floor.  This was the expectation for early email — “Joe, I left you a quick message about the widget, if you have concerns just give me a call.”  If the email message was lost, deleted accidentally, or was never delivered, it was no big deal because the communication was eventually going to take place in person anyway, and there was no guarantee the intended person would ever read the message in the first place.

As the novelty of communicating with other people on other computers evolved, so did the implementation of email.  To send an email message to someone outside the shared computer, a person needed to know *which* other computer the recipient used.  The @ was born, since that seemed like the most logical delimeter to distinguish “user” from “computer”, and since neither could contain the @ symbol.  For similar computers, the method was “user@computer”, to properly address an email message.  For different systems, it wasn’t so clear.  In fact, it became downright complicated and confusing.  If a person needed to send a message to a distant computer, but the distant system could not accept “user@computer” (possibly it used the @ for something other than a delimeter), the sender of the message needed to know not only who to address the message to, and *which* computer that user used, the sender also needed to know the path the message would take when it was sent from computer to computer to computer.  UUCP (Unix-to-Unix-Copy) was born.  Imagine instead of smith@accounting it was  !cenvax!westnode!accounting!smith.  Gateways from one type of email system to another type had to be erected, to handle the messages and translate one address into another.  Yet, even then, email was still viewed as “fire and forget” in the sense that whenever the recipient got the message, IF they got the message, they will eventually acknowledge by replying in some fashion as courtesy.

Back in my early days of email, I worked in the military in the computer support office.  Then, email was more a novelty than a necessity.  I vividly remember a sergeant I worked with would get daily phone calls after creating a new email account for someone.  Someone would normally call him up to complain “its been 3 days since you created my email account, and I haven’t got any email yet.  I think its broken.”  He would always reply with the same thing:  “you have to send email to get email”, which basically was his smartypants way of saying “it isn’t broken because you didn’t get anything.  You probably didn’t get any email because no one knows you have an email address, or they have nothing to say to you, or all the people you want to talk to don’t have email themselves.”   He would hang up the phone and we would have a chuckle, then I would joke about how the first person in the world with a fax machine probably wondered why he invested so much money in a device that strangely never prints out any faxes.

Slowly, email became the “killer app”.

[For the uninitiated, a "killer app" is an application (a program or function) that is just so utterly cool and awesome it is NEEDED so much that the purchase of an expensive device is justified, simply to use the application.  The other programs and software are bonus, and not needed as much, compared to THE reason the computer was purchased.]

Everyone seemed fascinated with the ability to talk to ANYONE (as long as they were “on email too”) for FREE.  Its better than long distance calling!!  No more busy signals or answering machines!  And its FREE!!

“Move over word processor, I’m going to communicate with the world!!  Shrink yourself into a microscopic icon, Mr. Spreadsheet, EMAIL is the real reason I have a computer!  Now, if only I knew what to say, and who to talk to.  Maybe someone will figure out how to contact me, so we can send messages back and forth.”

Today, no one really needs to know the path a message takes to reach its intended recipient (in some instances, even the recipient need not be known) because we address email to “user@something.somethingelse.com” and we trust the system to do the Right Thing to deliver the message.  To the right person.  At the right time.  “When it absolutely positively needs to be there…”  within the next 15 seconds else I’m going to wonder what the HELL is taking so long, and why haven’t they replied yet because I just got a message that says they’ve read it and it better not have been marked as spam because it wasn’t spam!!

Email has become the primary method of daily communication.  No longer do you “need to send mail to get mail”.  If your email address is on a web page, business card, or if you have ever used your email address to log into a website, YOU’VE GOT MAIL.   Whether you want it or not.  We email each other about meetings, to talk about email.  We email appointments, contact information, political opinions, love letters, chain-messages, advertisements.  The type of content goes on and on.  The problem is no longer about how we communicate with the right person on the right computer, but how to silence the noise to get to the legitimate messages that we need to read.

In the past, whether it was “self contained” or sent from the other side of the continent, each message was read and discarded soon thereafter.  Lately, email is received and almost immediately archived for “safe-keeping”, sometimes without it even being read.   It seems the focus now is not the immediate meaning of each message, but that a potential need might arise in the future where we might need to re-read the message.  Email used to consist of one file, appended to whenever new messages arrived — older mail was at the top of the file and newer mail was at the bottom/end.  Email now has folders, sorting, searching, tagging, categorizing, filtering, and archiving of all types.  We rarely, if ever, delete email that we’ve read.  Sure, it was really nifty when Google unleashed GMail to the world with its “2GB and growing” size limit on the amount of email one person could have, but if we’re only talking about purely text-based messages it amounts to billions of messages. (By the way, it is no longer only 2GB — its more like 7 or 8GB now.)

Email is no longer just the “killer app” in the sense of being able to communicate with anyone.  It is a presentation moniker; an address with @gmail.com is not as prestigious as it once was, but an address with @yourreallastname.com is.  It is a storage mechanism; people have figured out a way to use free online web email accounts to store documents, MP3s, and photos.  It is a calendar; if you’re using a particular email system that is tied into a shared calendar, you can send/receive appointments, and reminders of upcoming events.  It is a ToDo list; some people have an email folder with messages they have sent to themselves containing the errands they need to perform in the course of a day.  It is a webpage; modern email software will accept HTML in the body of an email message and interpret the language of webpages, even in the sense that images need not be attachments to the email but can be referenced to elsewhere on the Internet.  It is submissible legal evidence; there is legal precedence where email messages are a form of evidence, able to be subpoenaed by a court of law.

How did we get this way?  What changed so radically that “e-mail” could come from an experiment on the ARPANET (a solution looking for a problem), to “email”, a common term of the layman’s vernacular so much that it is no longer a privilege but a rite?   How could a function of computer networking change the way we communicate, yet itself change so little?

How is it that email is no longer a novelty method of asynchronous communication, but is now a basic human necessity in the modern world, measured not in its content of communication, but in cosmetic appeal of its address and in its storage size limit?

I haven’t even got to the bad part yet.

SMTP, or Simple Mail Transfer Protocol, was basically an afterthought in the broad historical map of the creation of the experimental networks that were the grandfathers of the Internet we know today.  SMTP is the most widely accepted and “standardized” method of sending and receiving email.  It was essentially created to bridge the gap between unlike electronic messaging systems, back when “e-mail” was growing in popularity and usefulness.  The unfortunate part of the story, though, is that SMTP was created back when there was no real malicious threat or intent proliferating through the networks.  Users basically trusted other users in the sense that everyone followed the same rules because that was what it meant to “be connected”.  After all, if you behaved badly on the network, people would want to network with you less, until eventually you would be partitioned from everyone else in such a way that you gain a decreasing benefit from being part of the network.  It was a self-governing system, yet relatively unofficial.  “Netiquette” dictated good form and respectable practices toward other network-citizens, which mainly consisted of college students and faculty among connected higher education organizations.  SMTP was very trusting back then, and still is.

To this day, anyone can still send email as anyone else — so easily that specialized software is of little concern.  Simply connecting to a mail server with a bare terminal (Telnet), typing the correct sequence of commands and syntax, and voila!  You just forged an email message.  If you’re lucky, someone will believe they’re talking to whom you pretended to be.

What does all this mean, then?  Put together all what I’ve said so far, and it paints a rather dark and confusing portrait.  Email is *everything*, yet flimsy in it being unreliably verifiable.  Email messages pass from machine to machine across the room, or across the hemisphere, and yet they are “essential communications”.  They are submissible in a court of law, yet easily forged.  Messages are quickly and easily created and more easily deleted, yet we archive them for years or even decades with the possibility that we might need them later even though we already know what each message means, resulting in a liability if they are ever subpoenaed, and requiring constantly increasing storage.

How do we end this accelerating downward spiral, or at least slow it down so we might recognize and begin to approach the problem?

When will added functionality, storage space, and guarantees of quality be enough for this old and simple luxury of slow and insecure communication?  When will we finally realize that we have already outlived email’s usefulness and begin using the next electronic communication “killer app”?

If anyone reading this knows the answer to any of the above, drop me an email. 

[3 Oct 2009 Edit: I JUST found out about Google Wave!!  Go here, here, or here to learn more about it.  It is in closed invitation beta right now, but I hear its going to be released this year.]

Anyway…

I’m actually still in the initial stages, in the overall context of the project.  Basically, to create a Linux distribution (from scratch, as I am doing), it begins similar to a chicken-and-egg problem.  You have to use an existing system to create building blocks, and use the building blocks to create a complete toolset.  Then, you use the toolset in a limited environment, which makes zero assumptions (a “chroot” environment, for geeks out there), to begin construction of the target system.

While doing this is actually pretty straightforward, usually, the difficulty and complexity enters the stage when thoughts about the future begin to crop up.  Issues such as future maintenance and automation complicate matters because while there might be a working toolset to construct a target system, no one wants to have to manually create the target system each time something changes.  Also, if something changes within the toolset itself, the component will need to be rebuilt, or worse, the entire toolset will require rebuilding such that the whole thing remains cohesive.

This is similar to around the time when man first thought about hunting and killing for food.  He realized he could fashion a tool to make a weapon.  Next, he used the tool to create the weapon, which was then used to hunt and kill for food.  As evolution continued, he created more efficient tools, to in turn create better weapons that would enable him to hunt and kill more exotic food.  The same general principle exists when creating a Linux distribution — though, we’re not depending on the need to eat in our software toolchain, we are depending on the ability to make more software available, which will comprise a Linux distro.  The tricky part is to know how to manufacture tools in such a way that when a component in the process breaks, it is trivial to fix it so much to the point that if a tool very deep in the toolset breaks there is less need to re-manufacture everything that was built with it.  Henry Ford had a very good idea, with small replaceable parts.

At this point, I’m at the point that I have the toolchain built.  Before I go much further, I need to figure out a sensible way to maintain this toolchain so that if/when something becomes stale or breaks, I will spend less time repairing the toolchain and more time tending to the actual Linux software in the distribution.  Also, since the toolchain itself was build manually and painstakingly, I also need a system to churn out software using the toolset I have.  Perhaps a framework/system could be used for both maintaining the toolset, and maintaining the distro?

I’m quite sure this is not entirely a brand new problem — major Linux distros would have had to flesh this out very early on.  The trouble is, though, whatever they’re using to handle this type of framework, they’re not very up front in saying exactly what they use, what it does, or where it came from.

I know what I want my system to do.  I have a general idea how it should fit all together.  My dilemma is that I’m splitting my time between searching the Internet for any existing software to satisfy the need, and planning how I might create my own toolchain/distro maintenance framework/system.  There are, actually, existing systems that do something along these lines, but they were designed for very specific purposes, and implemented with specific needs in mind, which resulted in assumptions that require specific platforms.  Not very useful in my case, because I’m creating from scratch with no assumptions.

Eventually, I will have an automated system that will:

• institute modularity wherever practical
• automatically rebuild (with dependent software if necessary) anything that needs updating/fixing
• handle both the toolchain itself, and the target Linux software

The site, now released to the public, is Suse Studio.  The concept behind the service is that you can remotely create, per your preferences, a Linux distribution, based on a recent Suse flavor — basically, either OpenSUSE or SUSE Enterprise Linux.

How does it work?  You login (with OpenID, or after creating an account), select a base to begin with;  GNOME, KDE, generic X, text only, etc.  You can select 32-bit or 64-bit.  Then, you can select software to be installed down to the specific package.  You can even upload your own packages — rpm, .tar, .tar.gz, .tgz, .tar.bz2, .tbz, or .zip, specify particular software repositories, or choose from over 300 pre-existing software repositories (some with rarely found packages, such as ATI or nVIDIA drivers).  After selecting software to be installed, you are brought to a configuration webpage that allows you to completely configure the system prior to building it, with the added option of uploading your own customized files.  After building the system, it can be tested via “test drive” — completely able to log into the newly built system via the website.

Once the system has been built (and optionally tested), it can be downloaded and installed as either:  Disk image, LiveCD (ISO image), Xen virtual machine, or VMware appliance.

The service is intelligently laid out, and quite intuitive, enabling the user to create systems within minutes.  Suse Studio routinely clears out built systems, but keeps the meta-info such that systems specified previously can be re-built easily and quickly.

It really seems to be a well thought out service.  I have experienced other web services that allow the user to build a Linux distribution, but never anything this detailed.

But, Dave…  There are well over 800 Linux distributions out there already.  What makes you think you can compete?

Competing is not the point.  The point in mountain climbing is not to see who can reach the top first, but to learn something about yourself, and generally “because its there”.  If my Linux distro gains momentum and ends up being something more than just a hobby/pasttime, great!  If it doesn’t, that’s fine too.  I’m not going to make any promises to anyone, at first, because this will be to used fulfill my own needs which don’t necessarily apply to anyone else.  If I later discover that other people have needs similar to mine, we’ll talk about where to go from there.

Basically, there are two approaches in creating your own Linux distribution:  building from scratch, and basing it on existing.  Some Linux distros are based on other Linux distros.  For example, Ubuntu was created out of re-building software packages from the Debian/GNU Linux distribution, but Debian was created from scratch by hundreds of volunteers.  Ubuntu itself has spawned derivative Linux distributions; Kubuntu, Xubuntu, Ubuntu Studio, and Mythbuntu to name a few.  Both methods have their advantages and disadvantages, and both are equally valid (and probably equally popular).

A few existing Linux distros come with their own “roll your own” application that will automagically create a customized ISO image that you can use to modify/install/spin/fold/mutilate to your heart’s content.  Yes, the method bases it on a specific Linux distro, but it will be relatively different depending on the customizations you’ve set in place.  For example, Fedora has Revisor.  There are also non-distro-specific utilities on the web such as Instalinux, as well as complete Linux distros based on customization and optimization in which everything is built from source — Gentoo.

The other method is to construct a Linux distribution completely from scratch, appropriately named Linux From Scratch (LFS).  While this approach isn’t entirely difficult initially — its just building binary files from source files — it is time-consuming.  It is also recursive, meaning that software you compile in the beginning stages are depended upon by other software you build later, and you’ll have to start over from the point of contention if you discover something broken.  This is termed “building the toolchain”.  Building software so that you can build other software with it, that software becomes dependent on the initial software build, which is then used to build even more software — creating a chain of software used to create a system, which will be bundled together to form an installation, and a Linux distribution.  That’s the easy part.  The hard part isn’t in building the software; its in maintaining the whole thing such that when a bug is discovered it is easily and quickly patched/fixed and the remaining components of the toolchain remain relatively unaffected or are automatically rebuilt using the new link in the toolchain.

Whatever method used to build the Linux distribution, there still needs to be some point to the exercise, else time invested is wasted in making an exact copy of something that could have been simply downloaded to begin with.

My goals:

• Hybrid approach, mixing Linux From Scratch with useful tools from established distributions.
• A practical level of security in the system, without sacrificing usability.
• An agnostic mindset for software packages, trying not to rely on one set of software built for one distribution.  A best of breed path would be ideal, taking the best software from well known distributions, and possibly introducing software that is not available in any Linux distro.
• Initially, aim at the desktop and see how that goes before configuring things for a server platform.
• Simple for the user, but without the cost of being difficult or complicated for the system administrator (who is often the user also).

I’ve had quite a few discussions with friends about what I should name it. After all, that’s the most important aspect of a Linux distribution, right?  Amazingly, in the discussions about naming my distro, no one ever asked me what I wanted it to do — but everyone has suggestions for a name.  I guess in the age of Google, and Yahoo, the name doesn’t have to be related to what it does.  I have a pretty good idea what I want to name it, but that may change later.  Considering there are over 600 distributions of Linux in circulation, a few hundred discontinued, and a few hundred more about to be announced (some of which might be discontinued in a few months), the name doesn’t matter that much to me as long as it isn’t completely ridiculous.  Douchebag Linux doesn’t smack of “Download me!  Use me!  I’m useful!”  On the other hand, Master of All Linux sounds good, but is probably just a tad too ambitious.

I wish there was a quick way to check if a name is already taken.  Like a global registry, or something that I could search for to determine if a name is used.  Distrowatch.com is good, but there is a 90 day waiting period for a Linux distro to be added to the list because “this is to discourage submission of new projects that start with great enthusiasm only to vanish in a few short months”.  Like I said…  Easy to start, difficult to maintain.  Incidentally, ParanoidLinux is on the waiting list to be added to Distrowatch.  Its not mine, but I get quite a few people that read this blog after searching for that particular distro.  I wonder why…

I’ve been putting my photos on Flickr for a while now, but Flickr never seems to do the photos any justice (not just mine, but in general).  Every now and then I post them here on this blog, but they usually contradict the “Linux Ninja Geek” theme, since the photos aren’t actually related to Linux, or ninjas or even technology.

So, I have created an entirely new blog.  A photoblog.

Just in time, too, since my new Strobist gear was delivered today, which more than likely means I’ll be taking MANY more photos that have very little to do with the theme of this blog, and more closely related to photography.

So, if you’re interested in the photos I take, head over to http://photo.mysticmorph.net.  I hope to see you over there.

Recently, on a plane trip, I sat next to a kind gentleman that started to read a Kindle in the middle of the flight.  I heard good and bad things about these devices, and my curiosity piqued.  I didn’t want to disturb the guy, though.  You don’t see people commenting or asking questions about a book someone begins to read because its generally rude and disruptive.  I decided to ask him anyway, “Do you like reading on that?”

His head popped up, looked at me, and smiled.  He paused what he was doing and proceeded to tell me all about his device.  “I imagine most Kindle owners would love to talk to anyone about theirs,” he explained, so I would feel less guilty about interrupting him.  He explained that it was an Amazon Kindle 2, and he was reading a free ebook.  It seemed like everything he explained to me about his electronic reader was good, and I probed further to find something bad about it.  Finally, he told me that the 5-way rocker switch, used to control the menus and select text, was a little too small for his fingers and that he would sometimes accidentally press down instead of left or right, so he figured the best way to overcome this was to use the sides of his fingers and fingernails.  This was hardly something bad about the device, and he made it seem like it was more a problem of his anatomy than with the device itself.

“I can buy books anywhere, and have them in 30 seconds,” he told me.  He explained that the Kindle 2 has wi-fi built in, and he could get on the Internet, go to the Amazon store, buy books, and download them to the Kindle faster than you can boot a computer.  I was impressed.

I asked him if he could download the ebook later on, if something happened to the device or the ebook.  It seems that once you buy an ebook from Amazon.com, its yours.  You can download it as many times as you like, which I had heard was a problem with previous incarnations of ebooks from various book stores in that once you buy a ebook and download it, you’re on your own.

Then, I asked him about the battery, since I was curious about how long a device like this can operate without needing to be recharged.  He told me that he has used his for weeks before, without needing to be recharged.  Again, I was impressed.  It is mainly due to the screen display technology, called “electronic ink”, or e-ink.  It is made in such a way that the screen doesn’t need to be refreshed frequently, relieving the battery from being needed all the time — the battery gets used really only when the screen gets refreshed, when the page is changed.

“Can you put other things, besides books, in it?”  He told me that he could put MP3s in it to listen to, and also visit websites, but it kinda sucks as a web browser.  I explained further, “What about like PDFs, or other documents?”  He explained that he could email PDFs to Amazon, which would convert them into something to be read on the Kindle, but it wasn’t always perfect and it wasn’t entirely free — 10 cents a document.

He seemed to absolutely love his Amazon Kindle 2.  After I was satisfied that he answered my questions, I thanked him for showing me, and tried to leave him alone.  After that, it seemed like he was searching for more things to tell me about his ebook reader.  He showed me that he could take notes on pages, search for text within a book and across books, and that he could store about 1,000 books.  He also demonstrated that, if he wanted to, the Kindle could read the books to him via the text-to-speech.  I listened to it for a few phrases, then he turned that feature off.  That didn’t impress me very much, because it sounded really robotic and reminded me of a Speak & Spell.  It isn’t something I would want to listen to for very long.

I thought it was a wonderful device, and how that must be handy to carry so many books around in such a small form, with the added ability to take notes, search, and buy more books whenever you needed.  The thought of having such a device rolled around in my head for the next few days or so.

. . .

I’m the type of reader that frequently reads technical books.  Oh, I’ll read a good biography or historical fiction, sprinkled with a few humor books now and then, but mainly I read non-fiction.  Programming languages, Internet and technology concepts, and even some computer security books for good measure.  Usually, I have more than a couple bookmarks in the books I read.  I’ll get a book, read it cover to cover, and then put placeholders in and use the book as a reference until it becomes obsolete or innaccurate.  Other books I read, I’ll read them once or twice, and won’t have any bookmarks at all other than a placeholder if I get interrupted.

Since I read technical books, I subscribe to O’Reilly’s Safari for my fill of computer geek-reading.  I pay a monthly fee to have a number of books on my electronic bookshelf, and can download a few chapters here and there to read offline.  The chapters are downloaded as PDF files, which makes them relatively portable since PDF viewer software is readily available pretty much anywhere.  How awesome, I thought,  would it be to have a handheld device with these PDFs in them.

. . .

As with most technical purchases i consider, I research quite a bit.  Mostly, I try to determine if the purchase I might make is technically solving my needs, but then I look at it from a cost analysis — will the thing I buy be the most/best I can get for the money?  Things usually aren’t that cut-n-dry, though.  If something doesn’t solve my need/want, I move onto something else.  If something solves my need, I look at price.  If it costs too much, I weigh the price against the features, deciding if the feature is worth the price.  If a feature costs too much, I might weigh that feature against the possibility of a future need.  Then, I look at how long I plan to keep the purchase, how much I plan to use it, and weigh that against the total cost of purchasing.  In other words, it had better have all the things I need, not much else, and be usable for the entire time I plan on using it, and not be too expensive for what I plan to do with it, but if its more expensive than I expect it should have things that justify the cost.

I’ve done quite a bit of research in purchasing an eBook reader, thinking about how I might use one, and reading/listening to what other people say about them.

Amazon Kindle (1 & 2) don’t justify the price, for my needs.  Kindle 1, the first iteration, is about $289.00. Kindle 2 is about $359.00  They both have e-ink, wireless transfer of books, searching, built-in dictionary, and weighs roughly 10 ounces, with a battery life measured in weeks (actually its measured in page-turns, so your use depends on how much you read rather than the device sitting around idle).  This seems like a pretty good deal, as long as the main thing you want to do is buy and read books from Amazon.com.  Outside of Amazon, it gets sketchy.  Amazon says the PDF reading portion is “experimental”, and requires you to email your PDF files to Amazon as there is no software to convert file formats that comes with the Kindle.  This seems like a pain to me, especially if the PDF ends up not readable.  I’m not even going to go down the path of considering limitations in email (what if the PDF I want to read is too big for email?  what happens when someone spams the email address?).  Since I was used to writing and taking notes, I was sorta looking for something that would let me do that.  The Kindle does have note-taking abilities, but you have to use the tiny Blackberry-style keyboard.

The next device I researched, after many different forums here, here, and here, was the Cybook by Bookeen.  Not entirely a bad device, actually.  Comparitavely priced with the Amazon Kindle, and has similar features sans the ability to buy/download books directly from the device.  My main concern here was it seems to be Mobipocket-specific, as it relies on that format for the books within.  While Mobipocket is a well known ebook format, and has a rather extensive library, the Mobipocket book store didn’t seem to carry much of what I would typically read.  Also, the Cybook seems to rely quite heavily on the Mobipocket Desktop Reader software to do much of the conversion from other formats like HTML and PDF.  Also, it has no touchscreen, and the only ability I can see as far as note-taking is in the form of bookmarks, but the documentation isn’t very clear if you can attach a note to the bookmark.

Another ebook reader that seemed to be within my price range was the Hanlin eBook V3.  It seems to support a very large variety of formats — actually the most aside from the iLiad, which I’ll talk about next.  The potential drawback is that the Chinese company that makes the Hanlin, Jinke, decided to create its own proprietary ebook format, Wolf, to be its primary ebook format for the device.  While this is typically what large manufacturers do so that they can proliferate their devices and lock-in customers for future products, Jinke is a relative unknown in the United States.  Also, I have no idea what I would do if I needed to send the reader back “to the manufacturer” if it ceased functioning under warranty, and the Jinke Support Forum is disturbingly sparse, but riddled with complaints like:

When the developer is going to begin answering questions about units already bought (LBook V8)?
Thank you.

…from a few years ago.  No touchscreen, also relies on Mobipocket, and has no note-taking ability.  Surprisingly, it isn’t even USB 2, it is ancient USB 1.1, which would make transferring of large ebooks a sit-and-wait process.  Not worth the $300 price tag, in my view.

In stark contrast is the iLiad, by iRex.  This thing is a monster.  Anything that you can print from a PC can be read on the iLiad.  Touchscreen.  Not just a touchscreen, though.  You can write on the screen, to take notes.  The notes can then be transferred to a PC or another iLiad where you can have other people annotate your notes, and then transferred back to the iLiad.  It had games — crossword puzzles and Sudoku, if you want.  It has a wireless connection, like the Amazon Kindle, but runs on Wifi rather than a 3G network.  There is very little you cannot do with this baby, it seems.  Price?  Are you sitting down?  This monstrosity will set you back about $700.  (read: approaching the price of a brand new Tablet PC)  It goes without saying (but I’ll say it anyway), this thing is way out of my price range.  Yes, it has a ton of features, and will most likely be able to read just about anything I throw at it, but the price is just too high for the device, considering a few of the features are not that important to me and thus will probably not end up using.

So, what did I finally settle on?

Sony PRS-700. It has a long list of supported formats, a touchscreen (with on-screen keyboard), a built-in front light for reading in the dark, and bookmarks and note-taking capabilities.  All for around $350.  Now, fans of the previous incarnation (PRS-505) will tell you that the PRS-700’s screen is dark and full of glare, but they say that when they compare it to the PRS-505, which doesn’t have a touchscreen or a built-in light.  I went for functionality, and features, trying not to compromise readability too much.  It has electronic ink, but you’re reading it through a touchscreen, on a recessed panel so that the lights are able to shine onto the panel from the side.  I would imagine the $700 iLiad suffers from the same problem, but not many people have those obscene devices, so really it came down to what I wanted the device to let me do, and not necessarily how good it looked.  Speaking of how good it looks, the looks of the device (and the PRS-505) are sleek and professional, which impressed me more than the Amazon Kindle.  Granted, the Amazon Kindle and the two Sony readers were the only ones I actually have been able to hold in my hands, I was most impressed with the PRS-700.  Sony is marketing the 700 as an upscale version of the 505, and not a replacement, mainly for the reasons I just stated.

[Update: It occurred to me that there's an entire string of stuff I haven't talked about, which actually pushed me over the edge to get the PRS-700 -- 3rd-party software.  A very smart individual created an Open Source application named calibre.  It runs non-concurrently (alone and separate) from the software that comes with Sony's eBook Reader, and is VERY handy.  The function is basically that it catalogs the ebooks you buy/download from various sources outside of Sony's ebook store.  It also allows you to convert it into one of 3 formats suited for the reader device, from a large variety of formats that are foreign to the Sony reader.  In all actuality, Sony needs to send this guy a check, because he has increased the device's usefullness exponentially, opening the reader to a vast inventory of possibilities for content not just limited to Sony's ebook store.]

I love it.  It is Sony, and while I’m generally not a huge fan of Sony’s computers, all my home appliances (TV’s, DVD players, VCR, etc.) are made by Sony.  They have an attention to detail that is hard to beat.

In case you’d like to do all the research about these yourself, feel free.  A good starting place is the huge matrix of eBook Reader devices.

One thing you might want to keep in mind, however, is that it is an evolving market.  As new devices are released, the manufacturers typically align themselves with content partners (ebook stores, which are associated with publishers).  So, depending on the device you decide on, you may be locking yourself out of specific content.  Also, the larger manufacturers tend to produce the device such that it works best with their own proprietary format of books, so be careful.

Since it is an evolving market, there seem to be a few ebook reader devices about to come out, but have yet to be released.  There is the Plastic Logic Reader, set to be available in 2010. Also, there will be the eSlick Reader, releasing in May for $260, which claims that you can convert any document to PDF and read it, implying that it only relies on ebooks being in PDF form.

That’s all I really have, and should go because I have about 50 books loaded up and have started reading about a dozen of them already.

LaTeX has been around for quite a while, and is widely known in the scientific and academic community as being the best in desktop publishing and typesetting.  The principle is that the writer should be able to easily focus on the content/topic rather than being distracted by the way the resulting document appears.  Logical structure in articles, chapters, and sections are created by the author with visual presentation happening only after the content is complete.  LaTeX also makes it rather easy to create complicated mathematical formulae in a document otherwise not possible (or very difficult) with word processors — mainly the difference between word processing software and typesetting software, or What You See Is What You Get (WYSIWYG) versus What You See Is What You Mean (WYSIWYM).

Scalable Vector Graphics is a specification for creating 2-dimensional graphics from XML text files.  The resulting graphic images can be either static or dynamic, animated, or even interactive.  SVG is a relative newcomer in the field of graphic image formats, so it is not as widespread as say GIF or JPG.  SVG is also still in the early stages on the web, though there is some support in existing web browsers.  However, to compare SVG (vector images) to GIF or JPG (bitmap images) is tantamount to comparing apples to oranges.  Bitmapped images rely on dots, using positions and color for the dots.  Vector-based images rely on predefined shapes.  This means that vector-based images appear much sharper at very low resolutions where bitmap images begin to appear blocky and coarse.

The cool part:

Recently, a professor I work with came to me with a very specific need.  He wanted a particular piece of software that has been written as a plugin for Inkscape, an SVG editor, that allows LaTeX code to be input into an object and rendered inside an SVG image.  Not only that, but once the LaTeX object is embedded into the image, you can re-edit the rendered LaTeX object by changing the LaTeX code.

Why is this cool?  Simple.  Before, if you wanted to create a mathematical formula or complicated diagram for use in an image say on a webpage, you either had to use LaTex to create your formula inside a document, then convert the document to an image, then edit the image to be used for presentation (i.e., on a webpage), or you had to manually draw the formula by hand and save that as an image. This was a tedious and often error-prone process, with the only payoff in the end being a static image of a formula.

Hand-drawn equation

LaTeX rendered equation

Now, you can create mathematical formulae inside SVG images with simple LaTeX code inside an SVG editor.  The plugin for Inkscape is called Textext, and will allow you to re-edit the rendered LaTeX formula after it has been rendered inside the SVG image.

If you’re unfamiliar with this service, prepare to have your socks knocked off.

First of all, the service is based on a particular number that you give out to people that want your phone number.  That phone number actually calls GrandCentral, which then calls your cell phone, announcing the call — either with CallerID of the person placing the call, or something to let you know that GrandCentral is handling the call.  From that point on, you can choose to take the call, let the call go to voicemail, or listen in on the call (as if it were a home answering machine).  If you choose to take the call, you still have options.  You can record the call by pressing a button or two, at which point both parties in the call will hear an announcement stating that the call will be recorded.  When you’re done recording, press a button again, and another announcement states recording is off.

The in-call recording, and all voicemail that goes through GrandCentral actually gets recorded at GrandCentral, after which time you can go to the website and listen to your messages.  No software to download (other than maybe a Adobe Flash plugin, which you likely have already if you’ve ever visited Youtube).

It goes without saying that, yes, you can totally block callers easily.

You can also input your personal contact list and associate people that call you into groups, and then specify ringtones, greetings, etc., based on group or individual person.

If you get a TON of phone calls on your cell phone, like me, this service is well worth having.  Even though its free, I would likely consider paying a few bucks a month just to keep it.  There are rumors that it will become a pay service…  but more on that later.

One other neato-mosquito feature of GrandCentral?  If you have multiple phones, GrandCentral performs a bit of technological magic.  Say you have registered both of your phones with GrandCentral…  and you get a call on one of your phones through the service…  if you want to switch phones, you just hit a button on your cell phone keypad.  GrandCentral will call your other phone, you pick up, and presto-gizmo the call is automagically transferred.

And now for the news…

Back when I was invited to the beta for GrandCentral, Google had just acquired the service.  Google, essentially, has been working on making it their own, in relative silence, for almost a year now.  Well, they’ve finally re-released the service as Google Voice, though still in closed beta.  “How do you know this,” you might say…?  “From what fountain of knowledge have you gleened this nugget of information, Dave,” you might inquire…?

Well, its all over the Internet, here and here, and here.  Oh, and also because when I logged into my GrandCentral account, I got this notification:

Your account will soon be available for upgrade to Google Voice. Thank you for your patience

The Google Voice Team – Read the blog

Recently, I’ve been playing around with other desktop virtual machine managers, trying to install as many operating systems as I can onto my trusty laptop (a Dell Inspiron 1525, with 3GB RAM, 100G hard drive, Intel Core2 Duo 1.83GHz, running Windows Vista), to see what could be accomplished in the way of running something on my machine without having to re-configure it into a multi-boot mess.  The point of this exercise is to gain the benefits of another operating system without having to reboot, wasting some time while I wait for booting to complete.

I’m using Sun’s VirtualBox, which is actually a pretty darn good desktop virtual machine manager.  Setup is easy, configuration of a virtual machine is fairly straightforward, it doesn’t take up much space, and best of all it doesn’t cost anything. VirtualBox can take advantage of VT-x/AMD-V if your chipset supports that function.  My Dell laptop does not, so I’m relying only on software virtualization.  A cool thing about VirtualBox is that not only will the software allow me to easily switch between virtual machine and regular host desktop (Windows Vista in my case), without ‘escaping’ the virtual machine, but it has a function called “seamless mode”.  Seamless mode incorporates windows from a virtual machine desktop into the hosted desktop.  Seamless mode is only possible if the guest OS (the operating system in the virtual machine) is supported by VirtualBox Guest Additions.

Figure 1. Non-seamless VirtualBox

In Figure 1, you can see that the entire Xubuntu Linux desktop is a window on the Windows Vista desktop.  I am able to switch between the two via mouse, though the Alt+Tab trick doesn’t work as well because Xubuntu Linux captures my Alt+Tab keypresses and switches windows within the virtual machine desktop.  After pressing the right Ctrl key, Alt+Tab works, treating the Xubuntu virtual desktop as an application window on the Windows Vista desktop.

Figure 2. Seamless VirtualBox

Figure 2 displays that there is no Xubuntu Linux desktop.  It has been incorporated into the Windows Vista desktop.  You can also see near the bottom of the screen that the Linux taskbar that was at the bottom of the virtual desktop in Figure 1 is now at the bottom of my Windows Vista desktop in Figure 2.

Disclaimer:  No, I do not normally run Internet Explorer.  I only had it open during the screenshots to showcase that it is actually WIndows Vista, since I have a non-standard Vista desktop theme.

Another cool feature of VirtualBox Guest Additions is the ability to have a shared folder between the virtual machine guest OS (Xubuntu Linux, for example) and the host (Windows Vista in my case).  This particular feature, I *love*.

I’m often “printing” certain things into a Postscript file, converting it into a PDF, and archiving the PDF for historical filekeeping purposes (think: receipts you get from websites).  In Linux, I “print to file”, convert the Postscript file into PDF, and then archive the PDF file.  In Windows, this is not as cut and dry.  I can certainly “print to file” as Postscript, but converting to PDF is a bit more involved.  To overcome this, I have a Linux virtual machine running with a guest-to-host share in VirtualBox; Windows Vista sees this as a folder, and the Linux virtual machine sees this as a mounted directory.  I can “print to file” from Windows directly into the VirtualBox share, go into Linux, and “ps2pdf” the file, and it gets written as a PDF in the same place next to the original Postscript file.  From that, I can either view the PDF in Linux, or view it in Vista with Adobe Acrobat Reader.  There might be easier ways to accomplish this only in Windows, but I’m more familiar with the Linux tools, and in Linux I don’t have to launch a separate application.

So far, in VirtualBox, I have created virtual machines for Xubuntu, openSUSE v10.3, openSolaris v2008.11, Haiku, and even WIndows 7.  Haiku runs a bit slowly, though.  Each of these virtual machines have about 512MB RAM and no more than 6GB of hard drive space.  Keep in mind that the amount of memory you allocate for a virtual machine gets used by that virtual machine when it is running.  Similarly, hard drive space you declare for a virtual machine becomes occupied by that virtual machine’s hard drive on the physical machine in the form of a file.  My meager Dell Inspiron with 3GB RAM and 100GB hard drive, can handle the hard drive space and a few virtual machines running at the same time with a few signs of stress, but nothing major.

My next stop on this Virtual Desktop adventure is with some of the older operating systems I’ve used in the past, working on this laptop.