Fazal Majid's low-intensity blog

Unpaid computer tech support for relatives is not a popular topic among geeks. It is very much a reality, however, specially in Indian communities with extensive extended families like mine. Some of the griping is churlish considering all the favors your family cheerfully does for you, and we probably have it better than MDs who are constantly bombarded with requests for free medical consultations.

At first sight, I would be better off if my relatives had the good sense to ditch Windows and get a Mac instead, but that would in fact compound the problem because I would get even more calls for help from people who are having a hard time dealing with very basic issues on an unfamiliar platform. Mac OS X may be better integrated and secure than Windows, but contrary to popular opinion it is not that much less crash-prone. All computers are unnecessarily hard to use in the first place. I doubt very much the computer industry will mend its ways and put human-centered design first, more likely than not the problem will be “solved” by the progressive eclipse of generations born before widespread computing, the rest of us having perforce adapted to these flawed tools.

A big part of the problem is doing “blind” support over the phone where you don’t see what is going on, and often the person in front of the screen is not technical enough to know what is significant and how to give you a useful and actionable description of what is on screen.

To its credit, Microsoft added remote assistance functionality in Windows XP. Explaining to users how to activate it is a challenge in itself, however, and in any case you need another Windows XP machine to provide the support. I still run Windows 2000 in the sole PC I have (used exclusively for games nowadays) and it makes such a racket I am almost viscerally reluctant to boot it up.

The best solution is to use virtual network computing (VNC), a free, cross-platform remote control protocol originally invented by the former Olivetti-Oracle-AT&T labs in Cambridge, UK. I often use VNC to take control of my home Mac from my office PC or my MacBook Pro. Indeed, VNC is integral to Apple Remote Desktop, Apple’s official remote management product for large Mac installations. There are even VNC clients available for PalmOS and Windows CE so you could remote control your home computer from a Treo. Having VNC running on the ailing PC would allow me to troubleshoot it efficiently from the comfort of my Mac.

Unfortunately, there is still a chicken-and-egg effect. I once tried to get an uncle to set up UltraVNC on his PC and do a reverse SSH forwarding so I could bypass his firewall. It took the better part of an hour, and barely worked. Surely, there has to be a better solution.

One such solution is Copilot, a service from Fog Creek software that repackages VNC in a form that’s easier to use. It is somewhat expensive, however (although that can be seen as a feature if the people calling for help have to pay for it and thus have an incentive to moderate their requests).

Another one that shows some promise is UltraVNC SC, a simplified version of UltraVNC that is designed for help desks (here is a more friendly walkthrough). Unfortunately, it shows a very clunky dialog that makes sense in a corporate help desk setting, but is too confusing for a novice user, and it uses UltraVNC extensions that are not compatible with most other VNC clients like the one I use most, Chicken of the VNC.

In the end, what I ended up doing was to take the source code for the full-featured UltraVNC server, rip out all the user interface and registry settings from it, and hardcode it to open an outgoing connection to my home server alamut.majid.org on TCP port 5500. There isn’t anything on the server listening on port 5500 by default, but I can open a SSH connection to it from anywhere in the world and use SSH reverse port forwarding to connect port 5500 to wherever I am. This neatly sidesteps the problem of firewalls that block incoming connections.

The resulting executable is larger than SC, but still manageable at 500K (vs. 950K for the full version), and requires no input from the user beyond downloading it and running it, thus triggering all sorts of warnings. It’s not good practice to teach users to download and run executables, but presumably they trust me. After the VNC session is finished, the program simply exits (as evidenced by the disappearance of the UltraVNC eye icon from the toolbar

If you want to use a setup like mine, it’s easy enough for a technically inclined person:

1. You could download my executable at majid.org/help, open it in a hex editor (or even Emacs), search for the string alamut.majid.org and overwrite it with the name of the machine you want to use instead (I left plenty of null bytes as padding just in case). Make sure you are overwriting, not inserting new bytes or shrinking the string, as the executable won’t work correctly otherwise.
2. Or you could download the modified source code I used (UltraVNC is a GPL open-source project, so I am bound by the license to release my mods). Edit the string host in winvnc/winvnc/winvnc.cpp (you can also change the reverse VNC port from its default of 5500 if you want), and recompile using the free (as in beer) Visual C++ 2005 Express Edition and the Platform SDK. My Windows programming skills are close to nil, so if I could do it, you probably can as well.

To use the tool, put it up on a website, and when you get a request for help, SSH into the server. On UNIX (including OS X), you would need to issue the command:

ssh -R5500:127.0.0.1:5500 your.server.name.com

Please note I explicitly use 127.0.0.1 rather than localhost, as the former is always an IPv4 address, but on some systems, localhost could bind to the IPv6 equivalent ::1 instead.

On Windows, you will need to set the reverse port forwarding options in PuTTY (or just replace ssh with plink in the command-line above). After that start your VNC client in listen mode (where the VNC client awaits a connection from the server on port 5500 instead of connecting to the server on port 5900). You can then tell the user to download the executable and run it to establish the connection.

Some caveats:

1. The leg of the connection between the PC and the server it is connecting to is not encrypted
2. Depending on XP firewall settings, Windows may ask the user to authorize the program to open a connection
3. At many companies, running a program like this is grounds for dismissal, so make sure whoever is calling you is asking for help on a machine they are authorized to open to the outside.

I hesitated to make this widely available due to the potential for mischief, but crackers have had similar tools like Back Orifice for a very long time, so I am not exactly enhancing their capabilities. On the other hand, this makes life so much easier it’s worth sharing. Helping family deal with Windows will still be a chore, but hopefully a less excruciating one.

Update (2007-03-23):

You can make a customized download of the executable targeting your machine using the form below. Replace example.com with whatever hostname or IP address you have. If you do not have a static IP address, you will need to use a dynamic DNS service like DynDNS or No-IP to map a host name to your dynamic IP address.

For some time now, titanium has been the material to convey technological edginess. In the hierarchy of credit cards, it apparently trumps silver, gold and even platinum. The metal is used to make fashion statements in products as varied as the original Apple PowerBook, fancy (but dull) knives, high-end watches or cameras like the $20,000 fiftieth anniversary commemorative Leica M7. As an eminently biocompatible material, titanium is also used in implants. I am not entirely immune to the lure of the material, as I recently purchased the iconic titanium spork for travel use.

Titanium has also become the material of choice for extravagant architectural projects, Frank Gehry’s abuse of the stuff in projects like the Guggenheim museum in Bilbao being only the most egregious example. Reportedly Gehry himself tires of the metal, but the tasteless committees that drive much of public architecture worldwide clamor for it, so he is trapped in the style just as surely as less famous architects are trapped in various forms of academism.

That said, there may be a backlash against titanium, and copper may be taking over as the new metal of choice in projects like the new De Young museum in San Francisco. I have also seen it used as a decorative element in a number of new residential buildings in my neighborhood in San Francisco (the picture to the left is from a building on California and Polk). Copper is of course the most beautiful of metals, with a rich hue reminiscent of sunset, and it gets even better with age as it gains its characteristic light green patina.

You read it here first…

I finally completed my CD ripping project and now have lossless copies of all my CDs (and the CD-audio layer of my SACDs) on my Mac.

As I mentioned before, the bulk of the work is tagging the music with correct metadata, locating cover art when the majority of my CD jewel cases and booklets are moldering in a cellar in France. (Amazon is helpful, specially now that it allows users to upload their own scans of cover art). Doug’s AppleScripts for iTunes make short work of normalizing CDDB metadata like correcting the people who stuff the composer name in the title or vice versa.

I wrote my own scripts to tackle these common operations:

1. Strip numbers from titles. That’s the “Track #” field’s job. This script requires the Satimage AppleScript Regex OSAX plug-in to work.
2. Renumber a selection sequentially, so I can split a CD into its constituent parts and renumber them independently from each other or the original CD track order.
3. Strip prefix strings from titles.

This does not mean I am finished, however. About 3/4 of the way through, I realized iTunes is far from perfect at extracting CD audio. For various reasons related to how the Redbook CD audio format was designed without computers in mind, it is very hard to get a perfect, repeatable rip from one attempt to the other. iTunes has an “error-correction” option that seems not to have any effect. For reliable ripping, you have to use specialized programs like EAC on Windows and a cdparanoia-based program like Max on OS X. This complicates the workflow as Max is slightly buggy, and nowhere as good at managing metadata as iTunes is, so the one-step import in iTunes becomes a less streamlined affair:

1. Rip the CD to AIFF in Max
2. Import the AIFF into iTunes
3. Number the tracks (very important!) using my “Renumber tracks” script
4. Convert to Apple lossless
5. Copy the metadata from CDDB using Doug Adams’ Copy info tracks to tracks script.
6. Add album cover art and mention the track was ripped with Max
7. Backup to another hard drive!

The good thing is, now that I have collected the metadata and cover art, I can rerip trouble tracks with clicks or pops, and copy the metadata in one step using Doug’s action, so re-ripping won’t be as much of a hassle as the first time. The next step is to convert everything to FLAC so I have a non-proprietary library that works with SlimServer on my Solaris home server.

If you are not as obsessive about your music metadata as I am, the process will be much easier if you just use whatever CDDB supplies you. In any case, remember, just say No! to DRM-infested lossy-compressed tracks from the iTunes Music Store.

Bill Gates announced yesterday he is progressively going to disengage himself from day-to-day participation in Microsoft over the next two years, to concentrate exclusively on his foundation. However questionable Microsoft’s business practices may be, they are no worse than Standard Oil’s. The Rockefellers or Carnegie bought social respectability by endowing institutions for the already comfortable. No matter what the IRS may claim, donating to places like Harvard in exchange for naming rights does not qualify as charity in my book.

In contrast, Gates’ humanitarian work has been remarkable — his money is comforting the truly afflicted of this world, like sufferers of leprosy or malaria. His example is highly unlikely to be emulated by Silicon Valley’s skinflint tycoons (Larry Ellison, Steve Jobs, I’m looking at you). The latter conveniently convinced themselves their wealth is due entirely to their own efforts, never to luck, or government funding in the case of the Internet moguls. This leads to the self-serving belief that they are absolved of any obligation to society or to those less fortunate (in both senses of the term).

This decision is not entirely unexpected. Microsoft has been floundering for the last several years, and has accrued severe managerial bloat, something the ruthless and paranoid Bill Gates circa 1995 would never have allowed to continue. There is remarkable dearth of insightful commentary on the announcement. My take is that the harrowing and humiliating process of the DoJ anti-trust trial proved cathartic and led him to review his priorities, even if the lawsuit itself ended up with an ineffective slap on the wrist.

Some equally interesting reading coming out of Redmond: Broken Windows Theory, an article by a Microsoft project manager on the back story behind the Windows Vista delay, with some really interesting metrics. Apparently Vista takes no less than 24 hours to compile on a fast dual-processor PC. It has 50 levels of dependencies, 50 million lines of code (one metric I personally find meaningless, as you can get more done in one line of Python than in a hundred lines of C/C++). His conclusion is that due to its scale, Vista could simply be structurally unmanageable. Certainly, the supporting infrastructure, as in automation tools, code and dependency analysis, project management et al. ought to be a project in itself of the same scope as, say, Microsoft Word.

When I worked at France Télécom in the late nineties, they were reeling from the near total failure of Frégate, a half-billion dollar billing system of the future project (another interesting metric: two-thirds of billing systems projects worldwide end in failure). The grapevine even devised a unit of measurement, the Potteau, after an eponymous Ingénieur Général (a typically French title with roots in the military engineering side of the civil service) involved in the project. One potteau equals one man-century. It is deemed the unit beyond which any software project is doomed to failure.

Vista involved 2000 developers over 5 years. That’s over 100 potteaux.

There are many ways to carry a camera. Most are supplied with a neck strap (and there is a non-slip shoulder equivalent, the UPstrap). Wearing a camera around the neck gets tiresome really quickly, makes you look like a goofy tourist, and potentially attracts the undesirable attention of thieves and would-be muggers.

I usually carry my camera discreetly inside a shoulder bag. A regular bag, mind you, not one of those obesely over-padded camera bags that are so bulky as to preclude walking around with them. You still need something to secure the camera, prevent it from slipping from your grasp and falling onto the hard pavement.

For pocket cameras, the wrist strap usually supplied will do just fine. You can get a tighter fit by attaching a cord lock (Google comes up with a bewildering variety of them) and reduce the risk of the lanyard slipping off your wrist. For some reason, only Contax had the sense to supply lanyards with a built-in cord lock.

For larger cameras, you need a hand strap. They are very common with camcorders, but unfortunately, very few camera manufacturers think of offering them as an option, or even provide bottom eyelets to make attaching them convenient. You have to hunt for third-party accessories and attach them using the tripod screw mount at the bottom of the camera.

For some time, I have mounted a cheap Sunpak hand strap on my Rebel XT. It does the job, but the plastic tripod mount is flimsy and unscrews all to easily, and the vinyl is not very pleasant to the touch. Another issue is that it precludes the use of an Arca-Swiss type quick-release plate. About a year ago, I wrote to Acratech, the people who make my ballhead and the QR plate on my Rebel XT, to suggest they drill an eyelet in the plate to allow mounting a strap, but never got a reply back.

I recently found out that Markins, a Korean maker of fine photographic ballheads, apparently took a patent on the idea and sells leather hand straps to go with some of their QR plates. Despite the princely price, I immediately ordered a set.

You have to unwind the strap to thread it through the eyelets on the camera and the QR plate, and back through the leather knuckle guard. This is fiendishly difficult to do if you don’t know the trick to it: wrap the tip of the strap in packing tape to produce a leader, and cut to a taper with scissors to ease insertion.

This strap works because the Rebel XT has a protruding hand grip. For a camera like the Leica MP, which does not have an ample grip (unless you attach an accessory grip), I use a sturdy strap liberated from my father’s old 8mm movie camera.

If you don’t have one of these lying around, you can always try one of Gordy Coale’s wrist straps, or if they lack snob appeal, Artisan & Artist makes ridiculously fancy (and expensive) ones for Japanese Leica fetishists.

Update (2022-11-24):

I use a Peak Design hand strap on my Nikon Z7. It attaches to a standard Peak Design anchor at the bottom (in this case, attached to a RRS QR plate) and has a gate clip strap at the top that goes through an slot-type eyelet (or in this case a triangular split ring).