New Game Review Site
I've been working on this Drupal powered site. It's an open project. Anyone that wants to join in, please do. There's no money in it for me, just the expense of paying for the hosting and domain name. Maybe we'll get some product samples for review down the line, but that's just wishful thinking. Well, who would say no to free games? We also plan to review hardware, peripherals, motherboards, controllers and all that stuff. If you're interested in helping, use the contact page on the site.
The goal is simply to create an open community review site. Currently, reviews have to be submitted unless you are an author. We are accepting applications to become an author and are keen to recruit as many as possible. In the future I'll be adding an automated system that will allow anyone to post a review or rank a game, and that will also allow efficient search of a game score/review database. With such a system we will avoid the problem of people using the site as a link farm and provide a means for us to keep outright comment spam under check.
The site layout isn't finished yet. In particular some things aren't quite right in IE - mainly because I try not to use that awful mess of a browser. Suggestions are appreciated. There should be plenty of bandwidth and the server should be reasonably responsive. Again, if you have any problems with the site, or find page delivery is unreasonably slow, let me know and I will do what I can to improve matters.
Telstra Bigpond customer service annoyances
A couple of weeks ago Telstra Bigpond began to experience DNS problems with various sites. Other ISPs such as Netspace, and Internode were fine, but Telstra could not resolve those sites. I could connect to those sites and get data from them, but only by raw IP. Clearly, I could route to the sites via Bigpond, so why couldn't their domain name servers route to them to make name queries? I knew for a fact that some of the sites were doing their own DNS, so the domain name server for the site's name and the actual site had the same address. It couldn't be an isolated routing problem (which would have been beyond Bigpond's control).
I made specific tests of their domain name servers to check what came back, and they weren't even returning useful error codes when they failed to process the names. That is to say they weren't saying that the name didn't exist, they were returning that there was an an (unknown) error. I contacted Telstra Bigpond technical support to report the problem.
On the first try at contacting them by phone, I explained the issue over and over, but the employee on the phone simply insisted that they couldn't do anything about the issue and I would have to make an email report. I asked if anyone else had reported similar problems. They vigorously denied that anyone had reported a problem of that kind.
Confirmation that the problem is widespread
I was already fairly certain, given the DNS tests I'd performed, but I wanted to be sure. I contacted a couple of Bigpond users around the country. I was able to confirm that the problem was reproducible in NSW as well as Victoria. They were getting the exact same problems I was. This made it hard to believe the story I'd been told about no other complaints. A friend of mine who works for an IT support company was later to inform me that several customers who used Telstra Bigpond had complained about the same sort of issue to them.
Telstra Bigpond Technical Support do not seem to know what DNS is
On the second try at contacting them by phone, I got someone who didn't even know what DNS was. I had a nice time explaining it to her. So much for technical support, you may as well just stick your finger in your eye. She also denied that there had been other complaints, reports of queries about DNS.
Like the first person, she suggested that I remove my firewall. Yep. That's a sure fire solution to DNS problems. Thanks super-genius. I'm just guessing, but that is pretty much the only thing that Telstra Bigpond customer support ever suggest as a solution besides such gems as 'try turning it off and on again.'
On both occasions they tried to blame my 'equipment', and made vague threats that if they sent an engineer out to test and couldn't reproduce, I would have to pay. They were unclear whether by equipment they meant my modem (provided by them) or my firewall, which they repeatedly asked me to disconnect.
In the end I gave up and made an email report. So much for their vaunted 24 hour phone support that they charge so much for. It's useless. They're really only able to deal with people who have the most basic connection problems.
In the end Telstra Bigpond resolved the problem, silently. It never appeared on their network status page, either as something that was in progress or that had been resolved.
Telstra Bigpond's approach to network security is an affront
The fact that Telstra Bigpond denies reported problems and offers singularly bad advice such as removing your firewall is both shocking and disgusting. They are not helping their customers with that sort of advice, they are endangering them. If I'd been a naive user, I would have followed their idiot instructions and removed my firewall - exposing myself to the endless hammering of SQL worms and other rubbish that routinely scans my ports. I run Snort on my firewall, and I see a lot of attacks. My system would probably be secure anyway, but many users would be at risk in such situation. Is it Bigpond's intention to turn their customer base into some hacker's botnet?
This isn't the first time I've complained about Telstra Bigpond's broken policy of selling users modems without firewalls and then trying to sell them an additional software firewall that offers scant additional security over the Windows SP2 firewall. Telstra Bigpond customer support never asked me whether I ran vulnerable applications, such as a web server, on my machine. They never once warned me of the risk of removing my firewall - they just told me that they couldn't offer support unless I did so.
With this kind of awful behaviour on the part of ISPs it's no wonder that the security crisis grows every year. ISPs should have a legally enforcable duty not only to protect user's security, but to provide support and advice that is responsible and helps educate users about security risks. Having a page about viruses somewhere on their web site isn't really enough. They are happy enough to sell users down the line whenever another company or foreign government wants to identify them to invade their privacy, or for malicious purposes... In fact they seem happy enough to sell users down the line full stop. Shouldn't they put their customers a little higher on the agenda. If more people knew what was going on, maybe things would change.
Bush Fires in Victoria
There have been bush fires in Victoria and my wife's parents' house was under threat of fire. We took a few says off to stay with them and help with fire watch. In the end the fire didn't get close, but it was touch and go with the wind. All we got was a lot of smoke. You can see some pictures of fires in the immediate area: From the ABC and from ruralpress.
It looks like the fire situation is completely resolved now, as we've had several days of rain. This is quite a relief, as these things can smoulder on and on for weeks, waiting for strong winds to start them back up, if nothing puts them out.
I'm sure there are writings on this subject by people far more knowledgable than I, but it seemed that the fire services did a great job and prevented the fires from becoming much worse than they might have done. However, there were places where they simply couldn't access the fires to contain them, and there's little we can do about that. Something that could be fixed is the recurring issue of poor precautions by land owners and tennants that has made some things worse than they needed to be.
Pine Plantations near towns and coal mines are not a good idea
The problem around Yallourn North seems to have been aggravated by pine plantations. I used to live in Canberra, and pine plantations there resulted in a disaster. I think it should be obvious to anyone that pine plantations should never approach any significant urban center, or other high-risk area.
Yallourn North is the site of a large open cut coal mine, and as such in the past the government prevented plantations from going anywhere near it. It would be a grim situation if the coal mine caught fire. The plantation exclusion made sense when they first applied it, and it makes sense now. There isn't such a shortage of space in Australia to make it necessary to put commercial plantations right up against towns, or coal mines. The only way I can see this happened in the first place was that corrupt behaviour and the influence of pressure groups overruled common sense.
These badly placed plantations end up costing the tax payer millions because of the damage they do. It's a risk out of proportion to their actual value to the economy. They could never have been justified on economic grounds, not when you do the math. The fact that they were prevented in the past speaks volumes. What changed? You'd think we'd learn something from the destruction in Canberra, but apparently not.
Inadequate fire breaks - stronger regulation needed?
I used to do a lot of cycling in the Canberra plantation areas, and one thing that always struck me was that the fire breaks were not really wide enough, and not kept clear enough. By introducing stronger regulations for more realistic fire breaks we might significantly ease the pressure on fire crews when bad weather strikes. Again, the culprits are the plantation owners. It's in their own best interests to contain fires, they should be the experts on it, and yet they lose thousands of hectares year on year. It's almost as if they like paying gigantic insurance premiums. Is there some kind of fiddle going on here? Surely the cost of employing more people to maintain fire trails would be worth it?
Chronicles of Narnia: The Lion, The Witch and the Wardrobe - Movie Review
I'm not going to waste time by attempting to explain the plot of this movie: I suspect most adults have already seen some TV adaptation or read the book. Besides, this is not a movie that you choose to see based on whether you think you would like the plot. This is a movie that you choose to see because you want to see real fantasy done well. This is high fantasy: the plot is secondary and good always triumphs. Hurrah!
A great movie for all ages
I didn't go into the cinema expecting anything other than pretty special effects. I got a very pleasant surprise. Narnia delivers excellent plotting and pacing throughout, good acting, good casting, excellent voice talent, more than competent direction and a visual tour de force. Compared to the flailing mess of hacksaw marks and protracted low quality 'innovation' that was Lord of the Rings, or the somewhat patchy translation of Harry Potter and the Goblet of Fire, Narnia is a perfectly crafted piece that held my interest througout.
A film of a book that doesn't think it knows best
The Lion, The Witch and the Wardrobe shows us how a film conversion should be done. There are no significant spurious inventions, the characters aren't changed, the roles of important characters are not altered, huge vital chunks of plot are not missing, it isn't mysteriously transplanted to America, and yet it never becomes bogged down in scenes that only work within the context of a book.
A movie for children, a film for adults
Whether you are old or your, and whether you know the story well or not at all, there is plenty to hold your attention. The child characters are faithful to the book and don't spout adult lines at every other turn. The computer animation is good enough to work seamlessly without becoming intrusive, distracting or alienating. The beavers, wolves, centaurs, minotaurs and other characters are characters, not just visual effects to 'wow' us. Though The Lion, The Witch and the Wardrobe is not really the first in the Narnia series, it is almost certainly the most adapted, and for good reason. The book offers a gripping plot full of action, suspense, pathos and sacrifice, sorrow, loss, growth, rebirth and triumph. The other books, while good, don't cover quite such a wide range of experience or offer quite such perfectly paced action. No wonder that this story is the most popular of the chronicles. This movie adaptation captures all that is good in the book. That even I, tired old cynic and bitter critic that I am was impressed is a real measure of its success. If there is even a sliver of a childish love for the fantastic in you, you cannot fail to be entertained by this movie.
Funny animals and they're acting
The acting standard of the more human characters, such as Tumnus is far above what we would expect from a children's film and has none of the hammy tongue in cheek quality that tends to pervade the 'adults' of the Harry Potter movies. The Beavers, on the other hand, do deliver Potteresque comedy, but this serves as a foil to the gentle charisma of Tumnus, the inhuman otherworldliness of the Witch, or the hard boiled practicality of the wolves. Each character is done in their own way, and this serves up a variety that means there is something there that almost everyone will really appreciate.
It would have worked too if it wasn't for those meddling kids
The human children of the movie are excellently adapted from the book. Though their lines and scenes are by no means word for word identical, the sense and spirit of the original literary characters is perfectly preserved. I never found myself 'watching actors', but was completely immersed in the characters themselves. They have their limitations: they're only children after all, but this is a welcome change. The majority of children in movies are just little adults, spouting adult lines, and here we have something different. Children can be children without being trite, limited, pathetic or narrow. It's not a 'kids' movie in the same way that Unfortunate Events or luvvy Emma Thompson's latest vehicle is, but it does deliver characters that adults, and - I would imagine - children can relate to.
It's the world - you didn't expect it to be small did you?
The visual style of the film is far from understated, but strikes a good middle ground between the heavy handed cheese of Ridley Scott's Legend and the quasi-realism of Lord of the Rings. The colours of the encapsulating World War Two setting are intentionally drab and dark, tinted with cold greens and blues. Winter Narnia is both a picture postcard and a cold unforgiving wilderness, depending on requirement. The Witch's dungeons could not seem colder and her palace interior is suitably dark and menacing. Once the snow vanishes we are presented with blue skies and intense bright sunny colours. While these tricks are obvious, they still work, and they work well. Each season and setting is perfectly manufactured and provide an absolute feast of eye-candy, vast, deep landscapes and varied interiors. Just as the cast of characters provides a 'something for everyone' variety, so too the settings of the film provide a rich wealth of alternatives, each perfectly realised.
I don't believe it: English voices and they're not villains
We probably have Harry Potter to thank for the fact that it's now possible to make a mass market movie that isn't Americanised. My initial expectation was that the initial set up would be clumsily transplanted to New England or Washington State and the children would all have perfect generic American accents. I was quite surprised when I found the setting of the book left intact. I was absolutely stunned when the inhabitants of the fantastical world of Narnia turned out to provide a wide range of accents, with American sounding voices for some of the villains. Of course Tilda Swinton delivers an 'English' voice for the evil Witch Jadis (and she could certainly have done otherwise) but this works perfectly within the voice mix of the movie.
Far too often we have been served up with films that are blatantly nationalistic and divisive in their use of accent. It has long seemed that in US film making the only roles available to English actors that aren't prepared to fake an American accent are villains. I'm not sure that time is completely over, but we are seeing some signs that the absurd dogma that a US audience hates English voices has been debunked. Of course we still have movies like Constantine where an English character is converted into an American one for no strong or compelling reason, simply because nervous, play-it-safe film executives believe the old myth that American viewers demand American heroes. Whatever the true state of the political climate, Narnia has loads of great voice talent and doesn't restrict itself along national lines.
The Golden Bough and the subtext of C.S. Lewis appreciated
There was no doubt in my mind that the creators of this movie understood CS Lewis and the anthropological subtext of the Narnia Chronicles. What's more, they appreciated Lewis' work to the point that they didn't think it needed clumsy improvement. Unlike in a film series made by a certain New Zealander, who apparently mis-remembered a good deal of Tolkien and seemingly didn't fully understand much of what he did remember, here we have a movie that has a proper grasp of its underlying themes.
It's never too obvious, never jammed down the viewer's throat, but the conflict between late stone-age/early bronze-age matriarchal society and late bronze-age patriarchal society that C.S. Lewis intimately understood is present here. The film makers don't feel a need to destroy the original story in a misguided attempt to make it more modern. They are smart enough to realise that fantasy that has already stood the test of time and several generations of readers does not need modernising: they realise fantasy is not supposed to be modern and allow it to be itself.
While some analysts are fixated on Lewis' inclusion of 'biblical themes', this is a very strange way to come at the Narnia books. It's almost as the biblical scholars are determined to graft Christianity onto anything dealing with pre-Christian ideas, which the Narnia chronicles most certainly are. To view Narnia through a biblical keyhole is to confuse the original with the copy. That Christianity incorporates the sacrifice of a king is merely an ever-present theme that it borrows from the oldest religions (obvious examples such as Oriris or Dionysus spring to mind).
I was astounded by the background detail of the sacrifice scene, where we are clearly shown Jadis, an earth priestess trying to reinstate the ancient custom of kingly sacrifice. The 'monsters' representing the type of animal-totem tribes that were common in prehistoric Europe, and from whence originate our mythological centaurs, fauns, and other combinations of man and animal. We are show this through modern eyes, where the idea of the priestess trying to assume kingly power is considered wrong, evil, or at least likely to bring terrible luck. That Lewis based his fairy tale on this ancient theme gives his story some of the power and energy of the real fairy tales, which typically resonate full of this conflict.
Never for a moment does the film ever let the sub-text become the main text, and yet it is perfectly preserved, and perhaps even enhanced over what was clearly present in the book. Really, when a witch priestess is sacrificing a king on a stone altar, surrounded by standing stones and animal tribes/totems, you can't really believe this is a biblical story can you? How ignorant of the history of religion would you have to be when the whole thing reeks of ancient Greece, Britain or Germany?
Once the snow is gone, the costumes of the Witch clearly allude to the prehistoric era, and in the final battle we are presented with an obvious representation of a warrior priestess who embodies the goddess in the style of the Morrigan. The forces of civilization, 'rightful' patriarchy and the 'good' females who restrain themselves to their safe roles of care and nurture are arrayed against the 'destructive' female force and the uncontrolled primitive urges that drive it. The costumes and creature designs say it all: the side of good arrayed in shining steel (the iron age mind-set) and the animals emphasising their positive human characteristics, while the side of evil is a collection of beastly creatures that emphasise the brutal and animalistic, who are garbed in dark shades of leather and bronze (the stone and bronze age).
That the film makers were able to do this with such clarity, without in any way being obvious about it is probably what impressed me most about the film 'after the fact'. While I was watching, the performance of Tumnus and the fantastic visuals impressed me the most, but afterwards it was the ability to deal with complex themes without every becoming complicated that really won me over. The Thirteenth warrior is the last film I remember that took these themes so seriously, and it didn't do terribly well with them - though I'm fond of it, it has a lot of critics.
In short, this is one of the best movies for years that deals with anthropological themes, and it does it so well without compromising an iota of fun, plot, story, pacing or character to do it. Not a single part of the movie's mass appeal is diminished by the intelligent and subtle inclusion of sophisticated pre-historical themes.
The advertising voice of Aslan
If there was one tiny complaint I would make about the movie, it was that Liam Neeson as the voice of Aslan ended up sounding like a commerical for insurance. I think Aslan would have sounded better with a rougher, harder voice that imparted a little more wildness to him. The polished voice we do get, well, it is the voice of adverts for financial services. This was one thing that did diminish the experience a little. Given that everything else was so well done, I'm prepared to forgive them.
Tilda Swinton is one freaky...
After her otherworldly Gabriel in Constantine, Tilda must be a little nervous that she's only getting supernatural parts right now. Nevertheless, she does do it awfully well. With a combination of 'makeup' effects (they might be post processed CG) and her eerie inhuman acting, she provides a genuinely nasty Witch. She captures the not-quite-perfect attempt at being pleasant and the terrible anger of the witch queen perfectly. Her sword fighting scenes are excellent, though I'm not sure how much of that she did herself. What will she do next? A creepy artificial intelligence in a sci-fi movie? Something involving super heroes? Or perhaps back to a more normal drama? Whatever it is there's a good chance I will be watching it.
Quick tips on how to install MP3 compression into media player
Once upon a time I actually made the mistake of paying for a licensed MP3 compressor for Microsoft Media Player. Of course, despite backing up my keys and other licensing encumberments, after I resinstalled windows it was no longer possible to reinstall my MP3 compressor.
Back then LAME had terrible performance and was encumbered by problems of its own, not least a general lack of an ACM driver that worked. Now, things are different. It's easy to get access to a high quality, completely free MP3 encoder for Windows Media Player.
I now use LAME to perform my MP3 compression when extracting my CDs to MP3 to play in the car and so on. However, I don't use Media Player much, as Plextools has offered cddb support for a while now, and there's no longer any benefit to using Media Player.
However, I recently had to install some extraction and compression software for someone who was determined not to have a Plextor CD or DVD drive. In fact, they had decided to use a drive that had just about the most crippled ASPI support I've seen. The latest version of Nero was able to work with it, but almost everything else was unable to discover it, despite various ASPI shennanigans.
Media Player was able to operate the drive, and has the ability to retrieve CD artist/title information, so I suggested it as a CD ripper. Of course, MP3 compression was required, and it took me an age to track down information on how to install the ACM support for LAME - and eventually had to grub through my registry to find it. The data is out there on the net, and even saved on my computer, but it's hard to find amongst all the google noise. To make it a little easier I'm putting that info up here: it's one more chance for people to find a link that's not junk.
It's just a registry hack
First you need to install LAME and the LAME ACM codec. I compile my own, but there's no need, you can download it precompiled from the free-codecs site. This site used to have a bit of a reputation for distributing spyware and trojans, but from my experience it seems ok now. Look at the left side-bar under Audio Codecs. You want the LAME MP3 Encoder. This package includes everything you need, including the ACM codec interface. Let me know if you try to use this link and it turns out to be stale.
Once you've downloaded the package, you need to unzip and install it. The latest version have a .inf file as part of the package, which you can double click to install the codec. There is also installation advice on the free-codecs site.
Now all you have to do is add a few entries to the registry. The easiest way to do this is to cut and paste the following text into your favourite text editor, save it as a .reg file and then double click the file to install the changes. Alternatively, you can type the entries direct into regedit. It's up to you.
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\Settings\MP3Encoding]
"LowRate"=dword:0001f400
"MediumRate"=dword:0002ee00
"MediumHighRate"=dword:0003e800
"HighRate"=dword:0004e200
"PreferredCodecName"="LAME MP3"
"PreferredCodecPath"="C:\\WINDOWS\\system32\\l3codecp.acm"
"HighRateSample"=dword:0000a028
"LowRateSample"=dword:0000a028
"MediumRateSample"=dword:0000a028
"MediumHighRateSample"=dword:0000a028
You will need to edit the value for PreferredCodecPath after you've cut and paste the text into your .reg file. This needs to refer to wherever you have installed your LAMP MP3 ACM file (the .acm file). This is usually system32 within your WINDOWS or WINNT directory, but this might vary depending on your install. I believe the latest version is called LameACM.acm rather than l3codecp.acm, so for most people the path is going to be "C:\\WINDOWS\\system32\\LameACM.acm"
You can tweak the available data rates which match to the four qualities available in Media Player. Make sure you edit them in decimal and not hex if you are using regedit directly.
Some people have suggested that you should use the Fraunhoffer codec and a playback rate of 48KHz. This is pointless as the CD source material is only 41KHz to begin with, and LAME supports 41KHz playback just fine. Also, LAME is freeware and Fraunhoffer is not. Why run some dodgy warez'd compressor when you don't need to?
If it's all working properly, then when you go into Media Player's Options, select the Rip Music tab. There's a pull down to choose the format of the compressed data. You should now be able to select LAME MP3 instead of some variety of WMA.
Personally, I prefer VBR compression for my MP3s, as it works fine with all my hardware based players, and with WinAmp etc. It's better quality in the same space, but Media Player's interface doesn't support it directly. As Media Player gets involved with writing out the MP3 header, it probably wouldn't help if you hacked the ACM to make the compressor output VBR data. This isn't a problem with Plextools, which supports LAME specifically and is VBR aware. You can also compress OggVorbis with Plextools, but it's still hard to find hardware players that support it - which is a great pity.
For the same reasons that you are unlikely to be able to write a VBR MP3 from Media Player, you can't use a trick to make it compress OggVorbis or Monkey's either. It's a pity that Microsoft didn't provide a more general interface within Media Player so that we could compress in the formats we want to use and not just the ones they want us to use. Again, this problem is solved by Plextools, and no doubt many other ripping packages too.
Experiences with the Smoothwall Installation: How to Implement a Linux Firewall (part 1)
Some people are still on dialup, or have been sold a cheap broadband modem by their ISP. In either case they may find themselves without a firewall. This is a very bad position to be in, sooner or later a worm will infect a Windows PC connected to the internet like this, even with XP SP2 (with its updated s/w firewall) and all the auto updates turned on. Of course there are other risks, and if you use your machine for filesharing (legitimate or otherwise) you expose yourself to considerably greater risk.
Software firewalls running on your main machine are inherently vulnerable to trojans and things that slip in via email. You should try and run your firewall on a device that is not used for anything else. A dedicated device, be it custom hardware or a PC dedicated to firewalling is always going to be a more secure.
One solution is to purchase a hardware firewall/router, or perhaps a modem/firewall/router that the ISP should probably have recommended in the first place. Pure firewall/router devices are hard to find in the main consumer outlets, but can certainly be obtained by mail order. Around A$70 is the bottom of the price range for firewall/router devices. A complete all-in-one solution such as a ADSL modem with firewall, router, four port switch and wireless access is far from cheap (at around A$150), but probably the best way to go if you don't have any existing kit. However, if you have old PC hardware lying around that you want to make useful again, or just want configurability and choice, an old machine running Linux could be the answer.
Linux has been a viable option for a firewall solution for several years. The creators of distributions have recognised this and make efforts to make setting up a Linux firewall a fairly painless procedure. Red Hat offers a firewall install option that I've used in the past, and there are several Linux distributions that are intended for nothing else. Some install from a single floppy, and others from a CD.
You could try to run Windows on an old PC and run something like ZoneAlarm, but old versions of Windows are vulnerable to attack, and new ones require expensive hardware to run well. On top of that Windows licenses and good firewall applications are far from free. When you throw in the fact that Windows PCs are the main target of attack you have to conclude that Windows is not a good tool for this job and that Linux is by far the better choice for a dedicated firewall.
One popular firewall solution is the smoothwall Linux distribution. This falls into the category of 'security focused' distributions and by default comes with secure default settings and is generall 'hardened' against attack. By reducing the number of components in the distribution, the number of possible vulnerabilities is reduced and the specification of hardware required made as low as possible. Add to which, hardly anyone attacks Linux vulnerabilities right now anyway.
Another possible alternative, which was originally a smoothwall derivative, is IP Cop, but I will write about that at a later date. It is in the process of losing its last vestiges of smoothwall code, and seems headed off in a different direction. I chose not to use it for my first foray into the area of specialised distributions because smoothwall seemed to have a better community forum.
Smoothwall's community seems one of its best strengths. Almost every question you could think of is already answered on the forums, and the greatest problem is the vast body of material already there. There are many 'mods' for smoothwall, and most of the features you could wish added have already been considered.
The distribution can be downloaded with or without the documentation, but I can see no real reason not to download the documented version, as it's not that much larger.
Choosing and Configuring Hardware
Smoothwall seems to run on some pretty low end machines. I'm running it on a 500MHz Pentium II with 1Gb of RAM and 8Gb of drive space, but it will run happily on much less. With the configuration above I see CPU utilisation of below two percent, even with large numbers of active connections and my cable modem running flat out.
After installing and allocating a large buffer area for the web proxy, I had over 6Gb free of the 8Gb drive (which didn't provide a full 8Gb anyway). If you have an old 2Gb SCSI drive (or IDE for that matter) hanging around, it should provide plenty of space.
Clearly, 500MHz is overkill, and if memory is sufficient I believe even a P60 or 486 DX66 would suffice for most tasks. A friend of mine has reported issues with a 166 being slightly strained by heavy loads with large numbers of connections, but I suspect it's more likely due to limited memory than CPU given the usage figures I've been seeing.
I have observed that left to its devices, smoothwall makes use of my entire 1Gb of RAM, so it's a good bet that the more RAM you have the better. You can adequately run with 128Mb. I suspect more RAM aids performance significantly when you have large numbers of connections to your machine, but makes little difference if you don't.
Ethernet Cards
You will usually need at least two ethernet sockets free on your firewall machine: one for the broadband modem and one for the rest of the network. A switch or hub doesn't help you with the basic requirement for at least two ports because you need to pass everything through the firewall. If you do have a switch or hub, it should go on the protected side of the firewall so that your other network machines pass their traffic through the switch, then through the firewall machine, and then, if necessary, through the wall itself to the modem. If that sounds confusing, as long as you plug the modem directly into the firewall machine, all should be well. Put another way, do not plug your modem straight into your switch or hub :)
If you want to use the DMZ facility of smoothwall, you will need a third available ethernet socket on your firewall PC, which might be a bit of a stretch for some people. The DMZ facility is a (stupid slang) 'de-militarized zone', which is to say it has thin firewall protection. The DMZ is for running applications that have problems running through a firewall. Most hardware firewalls offer a DMZ, but not like the smoothwall one. Keep reading and you'll see the difference.
Unfortunately, one thing that ancient PCs rarely seem to have in them is a sufficient number of network interfaces. I was lucky in that I had three spare Intel chipset, PCI ethernet cards lying around. Most people probably don't, and most old PCs had zero ethernet sockets, which is two short of what you need.
Cheap 10/100 Network Interface Cards (NICs) as the jargon aware like to call their ethernet cards, retail for around A$10, but that's a mail order or computer market price. Expect to pay a lot more at popular retail outlets - if you can find anything that isn't an overpriced gigabit card. In any event, $30 isn't too much to spend, but it's a long way from the 'totally free' setup that most people are probably hoping for. The upside to using a modern PC is that it is more likely to have two or more NICs installed as standard, though this is still hardly a given.
Perhaps the best source of cheap NICs, apart the second hand bin at computer markets, is the junk heap of workplace IT departments. In many cases businesses are paying people money to take away old 'useless' PCs, usually 486 or early Pentium machines that have tiny amounts of memory and equally tiny monitors like little goldfish bowls. These machines often contain old 10/100 PCI NICs because they were networked. Often they contain Intel cards, which used to be by far the best. The IT staff may let you take away as many of these machines as you like (use one as the basis for your firewall), or may take the NICs out for you. Whether it's your workplace or a friend's, you can often get this 'scrap' for free. If you aren't so lucky to get something for nothing, the computer markets often have people who deal in this old hardware selling parts and entire machines for very low prices. There will always be junk from corporate upgrade programs.
However, there are some other hardware issues you need to think about before you proceed. If you only have a USB modem, you will need a machine with USB sockets. While many old machines have these, they are typically USB1, which is pretty slow. It's OK if you are on dialup, but chances are you aren't. USB broadband modems are generally a bad thing all around, so if you have one, think about getting something better when an opportunity to upgrade appears. For dialup, USB1 should be quite sufficient. On the up side, if you have a USB modem you will need one less ethernet device.
Once you have sufficient NICs, USB sockets, COM ports or whatever you need installed in your machine to support the setup that you want to use, you are ready to address the software installation.
Installing the Smoothwall
Installation is straightforward. Most of the install documentation is devoted to 'tricky' installs, such as when you don't have a bootable CD drive. It's possible to boot from a floppy and install from CD or from a network device. All the tools to create a boot floppy are included as part of the distribution.
Assuming you have a bootable CD, you simply write the downloaded .iso file to a CD, put it in your target firewall, and boot. You are faced with a set of menus that ask simple questions and in most cases the options are explained to you.
I would suggest that for a home network you use addresses 192.168.1.X and a mask of 255.255.255.0, as so many devices default to values like this. Also, you can add another network on 192.168.2.X if you need to for some reason (something I'll talk about in a later part in this series).
Things can seem a little complicated when you are asked to choose the base configuration, simply because of the jargon used. Smoothwall has a concept of interface 'colours' which are used to refer to interfaces connected to the LAN (GREEN interface), the outside world or WAN (RED interface), and to a DMZ machine or network (orange interface). Unlike IP Cop there is no BLUE interface as yet (which is used specifically for isolating wireless), though there is a mod for it.
You can configure with just a GREEN interface if your internet connection is on a USB port and doesn't come through an ethernet NIC. If you have an ADSL modem or cable modem with an ethernet connection, you need to configure at least GREEN + RED. You can switch ORANGE in and out depending on whether you want a DMZ machine or network. Most people probably don't.
A DMZ machine is a machine that isn't fully firewalled and is used to run services accessible to the outside world. On most hardware firewalls the DMZ machine is left wide open and unprotected. On a few (Billion for example) the DMZ machine is still potentially firewalled and you can control how its accessed.
The smoothwall approach is more like the Billion approach, where the DMZ is still partially firewalled. However, smoothwall firewalls both sidesw of the ORANGE interface, so its communications with GREEN are filtered. The smoothwall ethos favours using a DMZ for anything that communicates with the outside world. Your ORANGE network is considerably isolated from both RED and GREEN interfaces and so even whem compromised attackers can be contained there.
To reiterate: the smoothwall authors suggest you never let outsiders connect to any service on your GREEN network because if that server is compromised, attacks can access your entire GREEN network with no additional effort. This is why the ORANGE net exists: machines in ORANGE are isolated from the GREEN network, so if they are compromised by a worm or other exploit, your entire GREEN network remains safe.
For many home users, the idea of a server machine in a DMZ is a step too far: they don't want their machine to offer any services at all anyway. Such considerations are particularly moot for people who only have one decent computer and just want to firewall it - but for people with a genuine home network it's worth thinking about.
For example, you could have a home network with three or four computers, plus a firewall machine and a DMZ 'server'. The main network is on the GREEN interface, the outside world (via your ADSL modem) on the RED interface and your DMZ server on the ORANGE. You can then explicitly open pinholes in the firewall so that people can connect from GREEN to ORANGE in a controlled way. People on GREEN can still use web browsers and such directly through the firewall, as it allows most outgoing connections.
Some of the options you deal with at installation can easily be changed later through the web interface, while others can not. Overall, the base configuration (GREEN, RED+GREEN or RED+GREEN+ORANGE) is the only thing you need to think about before installing. Even then, if you get it wrong you can change it by logging into the firewall machine as 'setup', which automatically runs the config program.
Most ISPs assign a dynamic IP to the connecting machine. Telstra and Netspace do, while Demon in the UK provide fixed IP addresses. If your ISP didn't give you a fixed IP (and they will most certainly have notified you if they have given you one) then you should configure smoothwall to obtain your IP address via DHCP, and possibly your DNS addresses as well. Smoothwall asks about this pretty clearly and tries to explain it, so you shouldn't have too much trouble.
If you know the addresses of your ISP's DNS (Domain Name Server) you should enter them during the install. Some ISPs recommend that you use DNS IPs returned by DHCP, in which case you should probably try configuring smoothwall to do so. It might not work, in which case you will have to find out the addresses and enter them into the smoothwall setup manually. I've noticed that some ISPs do not handle DHCP DNS assignment as reliably as they should, though Telstra seem fine in that regard.
For ease of use you should probably set your GREEN interface to provide DHCP to your LAN. You will be asked about this, and there are sensible defaults. Just make sure it's turned on. This saves a lot of bother when configuring machines on your network to connect to the smoothwall.
You will be asked about how you connect to the internet, and possibly offered a way to configure your modem. If it's an ordinary dialup modem, or an ISDN modem, then this might be useful. If it's an ADSL modem it may not be, as these are sometimes either pre-configured by the ISP, or through their own web interface. If you have a Telstra cable modem you can ignore it as you have to connect to Telstra in a special way: don't tell me you are surprised?
Install Complete: How to use the Smoothwall
Once you've completed the main install on your smoothwall machine you can probably remove the keyboard and monitor. Everything you need for day-to-day admin of the firewall is accessible via remote web interface, just like most hardware products.
Connect your main machine to the smoothwall's GREEN interface, either directly via a cross-over cable, or via a hub or switch. It may not be obvious which of your NICs ended up configured as GREEN. Just configure your main PC's TCP/IP for the NIC it's using, plug into one of the ports on the firewall, try and connect to the web interface. If you fail, move to the next port and so on until you can connect, it won't do any harm. You can't accidentally connect through RED or ORANGE :)
If you set your GREEN interface on 192.168.1.1, then that's what you need to connect to from your web browser. However, it won't work unless your machine has its TCP/IP network settings set up to match. If you enabled DHCP, then all you need to do is open the connection for the correct NIC on your main machine and bring up the properties. Once there you should see a list of networking components, most likely including Client for Microsoft Networks, File and Printer Sharing for Microsoft Networks, QoS Packet Scheduler, and Internet Protocop (TCP/IP). The last one is the important one: select it and then its properties. If you configured DHCP on the smoothwall all you need to do is set Obtain an IP address automatically and Obtain DNS server address automatically. These are the defaults, so you may not have to do much.
Unlike most hardware products, you can connect to the web interface via a secure connections (using HTTPS and SSL certificates). Type https://192.168.1.1:441 into the address bar of your browser. I think the smoothwall docs suggest you use the name of the smoothwall machine, but that is somewhat fallible, if you use the numeric address there's no chance of a DNS problem.
When you connect, the smoothwall provides an SSL certificate. Your main machine won't recognise this certificate because no authority has signed it, so you will probably want to tell the browser to add the certificate to those your computer recognises for future convenience. Even then, the browser will probably grumble about mismatches in the certificate name. No need to worry about that yet, just click ok and move on.
Once you are connected to the web interface you will see the welcome screen. The menu along the top allows you to access the smoothwall configuration facilities. When you click on one you will see a login popup. Enter a user name of 'admin' and the password you set during installation for smoothwall administration (not the password for your root or setup users).
You should be now properly logged in to the smoothwall web interface and can manage your firewall. In the second part of this series I'll talk a bit more about getting your smoothwall to actually connect to the internet through your modem or other device. (And will probably come back and update this article after I realise all the stuff I missed out).
Harry Potter and the Goblet of Fire Movie Review
I'll be brief because it's likely that nothing I say is actually going to stop you seeing this movie. It starts off magnificently, and at first I was really hooked in. The intial scenes and then the Quidditch Tournament really sweeps you away (as I'm sure is intended).
This is a very long film, and about half way through the story starts to loose its pace. Boredom set in for me somewhere during the lead up to the ball. Things pick up a bit later, but it never really gets back on track properly. At the end which really ought to have been gripping and emotionally moving it fails to maintain interest, and the pacing is awkward. I recall that the book recovered well at the end after a flabby middle third, but the film doesn't manage so well.
Nevertheless, Goblet of Fire is loaded with eye-candy and at times is both impressive and exciting. If you haven't read the books it serves to keeps you up with the story. It's a rather long experience, so be prepared and don't drink a dozen cups of coffee right before going in; it's hard enough to concentrate at the end as it is.
If you've already read the book you will spend a lot of time spotting what's missing from this film. The book was fairly long for a Harry Potter story, and had far too much going on to make a prefect movie, so it doesn't surprise me that there were problems deciding what to keep and what to dump. The problem is that some of what they decided they had to keep does not play so well in the film as it did in the book. I think perhaps they needed to take a bit more license with the material and change the details of things a little more here and there to better preserve the spirit of the book. There were also times when the whole tournament theme started to become overdone.
By sticking to the simplistic sequencing of the book the movie runs into pace problems that prevent it from being the triumph it might have been. It's a pity because it starts so well. Some have said that they might have chosen other scenes from the book, but to my mind the problems are not so much with the scenes chosen as how they are presented.
The ball, in particular, does not seem of interest to the key characters, and little of great importance appears to takes place. There were no problems with the ball in the book, and so we have to wonder whether it was properly handled. In the end they couldn't seem to decide whether to play it straight or for laughs. If they had mixed some of the other missing material from the book into the ball it might have been made more interesting. In the end the ball relies on too many characters that simply aren't developed enough to work in the movie.
I really can't imagine how they are going to get through Order of the Phoenix without problems the same or worse than this movie, as Goblet of Fire is a long book, but short in comparison to its successor. Order of the Phoenix has far too much in it to make just one film and it seems like they will really have a real struggle on their hands with that one. I can imagine that almost the entirety of the character development will be cut as a result.
Xbox 360 Underwhelms
What more need be said? It shouldn't come as a surprise that the early life-cycle software products are nothing more than slightly prettier versions of games that could just as well have been released on the original xbox.
It's fairly likely that most of these products were originally developed on xbox or PS2 and then development switched over to the Xbox 360 once they were able to obtain development kit. The designs of these games remain firmly rooted in the xbox era.
The HD aspect does nothing more than put PC quality graphics on your TV screen. If you have a decent modern graphics card you can almost certainly do this already. nVidia and ATI are quite capable of putting a PC display on a television, but really you're better off on a PC monitor anyway.
The greatest step for 360 so far is the controller. The only problem is that this does not work well for shops, where the wireless controller needs to be chained down and can easily end up with flat batteries. I believe a wired solution may be used in some cases, but this means the consumer can't try out the real wireless controller.
It also seems unlikely that Xbox 360 will have Final Fantasy or GT, which will probably remain Sony only (though this isn't assured). These are key products that will leave many gamers waiting for a PS3. Right now Xbox exclusives we can rely on are Halo and DOA. The former has always been loved in the US, but I'm not sure it will win many sales in Japan. It's going to be a tough battle between the new consoles and very likely that both of them will take several months to get genuine 'next gen' titles onto shelves.
We can bet that rising development costs and the fact that publishers don't really know what makes a good game will result in even more play-it-safe licenses, sequels and suppressed innovation in games, leaving customers ever more jaded.
I for one won't be rushing out to buy a 360 whenever they finally ship in Australia. In fact, I may not buy one at all unless some software I really have to have appears on it. I've seen no sign of this yet.
Myth busters: Australian Broadband
It begins: Telstra can't quite manage to turn on a phone line
Back on the 8th of November, we finally got the keys to our new residence. We have a small Telstra box (for phone) and a big Telstra box (for cable) attached to our house, and obvious cables run from these, underneath the house, to various rooms where phone and cable points are visible - helpfully labelled 'Telstra'. What's more, the previous residents seemed to have had a Telstra phone.
We had already contacted Telstra to arrange a phone line. (See Telstra's Level Playing Field). Telstra informed us that the line would be working the very next day. However, there was a minor quirk: our phone number would not have the usual code for the area because the local exchange was full and we would be on a new exchange. Seeing as it was to be a new exchange, I did wonder if it would have DSL2 provision: after all, why build new exchanges that are already out of date? Telstra also offered us BigPond internet via ADSL repeatedly, some might say almost determinedly. We kept refusing as we intended to tranfer our Netspace account.
The next day the phone wasn't working. We contacted Telstra again to ask what was going on. At first they claimed that the problem was with our phone. We informed them that we had tried three different phones, one brand new. Given this information, they offered to investigate the problem, ominously assuring us that we would have to pay a large callout bill if the fault was found to be with 'your equipment'. An engineer would be sent out the 'next day' and we were assured that he would fix the problem immediately. Naturally, I laughed. They offered us BigPond again. Refusing this was becoming a reflex action.
Of course, on that 'next day' the phone still wasn't working. If Telstra send someone out we never saw him, but we weren't required to as apparently he didn't need access to the premises.
Again we phoned Telstra, and again they promised to resolve the problem 'the next day'. By this point the same old excuses were getting really comical. Suffice to say that by the 13th (remember we called them on the 8th) we finally got a working phone line - or so we thought...
Transferring Netspace Broadband
I checked broadband availability on the Netspace and Telstra sites, and they both declared our number was good for A/DSL service.
Our DSL provider was Netspace. We phoned them up to ask how long it would take for them to change our DSL service from the old address to the new one. They said it would take five to ten days, but then mumbled that it might be as few as three. Yes, I really mean DSL, not ADSL, we had a 512/512 symmetric service from Netspace, which is rather useful. I would take it over 1500/256 every time. We also asked about availability on our number, as they had previously been told by Telstra that our number wasn't a Telstra number at all. This time everything seemed to be ok.
We couldn't contact Netspace at first as their phone line would ring through to empty hissing silence. Eventually my wife found a number which wasn't one of their main contact numbers, but did work. They were able to put us through to the right people from there, though we never found why the main lines were dead. Crazy people would say it was Telstra killing the phone service of their competitors. This is obviously mad as it implies a level of 'togetherness' and 'joined up thinking' that simply doesn't seem to be present in Telstra.
We asked Netspace if it was possible for them to not stop the old service until the new service was ready to start. They said this was not possible - though I can see no obvious reason why not other than poor organisation and communication processes. We were informed that our broadband service would terminate immediately that we signed off on the transfer through their web page.
We phoned again, and got a different customer services representative. Netspace customer services appear to be in India of course: quite friendly, but often hard to understand, and the phone connection is frequently poor with severe distortion, which makes things worse. (Netspace tech support are clearly in Australia, for the time being at least). The new representative again quoted the five to ten days, with the could be as few as three 'off the record' proviso. However, they informed us that the existing service would not cease for several hours or possibly a day or two.
On the 14th of November, I went to the Netspace website and attempted to transfer my service to the new address. It failed, informing me that DSL service was not available on that number. I again checked their main availability page, and that still said ok. I changed over to IE instead of using Firefox, and was able to complete the transfer: now the applet seemed to think my number was ok for DSL after all. It cost me $140 to move my service, a rather nice little pickup for them doing about ten minutes work on an existing account.
In short: the Netspace website produces wrong results with Firefox, giving no indication that there is a problem with the browser. This is worse than the page not working at all: quite dreadful design and testing.
Telstra's Revenge
A few days later we phoned Netspace to ask what was going on with our broadband transfer. We were informed that this was blocked by Telstra because they had PSTS 'products' on the line already. This was disturbing, as this was a new connection to a new exchange and we most definitely did not have BigPond. What were these mysterious products? Apparently, Netspace could do nothing about this, and we would have to contact Telstra ourselves.
We immediately contacted Telstra. They attempted to sell us BigPond again. Then they told us that they couldn't do anything about PSTS products if we weren't a BigPond customer. Then they decided that it was a BigPond problem anyway and put us through to BigPond customer support.
BigPond customer support attempted to sell us BigPond and then denied any ability to deal with the problem and passed us back to the phone system customer support. After attempting to sell us BigPond again we were able to get them to admit there was something they could do. We were promised that the problem would be resolved in 20 minutes or so, and they would remove the bogus 'services' that had somehow become attached to our line right away: apparently they had given us BigPond DSL even though we weren't BigPond customers. They hadn't given us a login, or billed us for it, they'd just connected it up anyway ... for fun perhaps?
We immediately rang Netspace and informed them of Telstra's '20 minute' resolution. They asked us to call them back in an hour to check if everything was ok.
An hour later we called Netspace who found that the 'products' were still on the line. They said it might be an update issue and they might be gone by tomorrow. We decided to wait.
The next day we called Netspace to ask about our installation. It was still blocked by the Telstra products. Again, we called Telstra. They assured us the products were gone and tried to sell us BigPond (which they had just removed).
We contacted Netspace and informed them that Telstra denied the existence of any products. After much pleading and explaining we were put in contact with a 'tech person' at Netspace who broke the rules by contacting Telstra directly. He was able to discover that the products were still present but that they had just removed them at his request (again against the rules) but the Netspace db probably wouldn't acknowledge this for another day now. He asked us to check back later...
Somewhere during this process I observed an interview with the current CEO of Telstra. At one point he talked about how the employees of Telstra loved it there so much, and how they really wanted the best for the company. He actually claimed that some employees were leaving the company to go elsewhere out of sheer love of the best interests of Telstra. Amazing eh?
The next day we were able to get assurance from Netspace that there was no longer a problem with Telstra blocking the install.
A few days after that, we contacted Netspace again to get an update. Good thing that we did. We were informed that we were stuck because there were no free ports on our exchange (remember that new exchange Telstra put us on) and they expected an install in three days time... This was sweet, as apparently we'd had a port back when we had those bogus 'products' on our line - but now we couldn't have one.
Three days later... We called Netspace. Still no free ports. They advised us to phone Telstra to find out when ports might be available. We did this, now claiming to be interested in BigPond and curious if we could get a port. Telstra said that they had no plans to add extra ports to our exchange until March and that the exchange was currently full: e.g. if we got BigPond ADSL we would be waiting until March for it to activate.
We waited a while and then called back as Netspace customers. The March date rolled out again, but then they mumbled that it might happen earlier, they didn't really know. They had another look and suggested that they might add some ports for Netspace at the end of December or start of January, but didn't know if there would be enough to fulfill everyone's requests.
We had pretty much established that we had no real hope of a DSL or ADSL based broadband service until March, even though we had paid for one, and even though we apparently had a port on the exchange at the point we asked for the service. How 'unfortunate' that port couldn't just be transferred to Netspace. That said, if Netspace are unbundled maybe that would have been impossible anyway.
Return of the BigPond
We couldn't get Optus cable (and believe me I tried) so it looked like Telstra cable based broadband was the only solution available apart from dialup (or ISDN, but the pricing on that is beyond a joke). Telstra's biggest package is a 20Gb cap with a charge of 15 cents a Mb over the cap. This costs about $100 a month and has an install charge of around $250. Go to their site and see the exact prices and options for yourself. You can't 'self install' unless you already own a cable modem, which we didn't. Telsta also have an unlimited cable plan, which is actually a 10Gb cap. After you hit the cap you are shaped to 64Kb. In short this is so far from unlimited that it's ludicrous.
Compare the price of cable on Telstra to DSL on Netspace: we were getting 60Gb for $80 with 64Kb shaped after we hit the cap. So Telstra is $20 more for one third the cap. Nice. For this you get a customer service line that ends up in India and promises you 'tomorrow' the doesn't deliver. This is similar to the Netspace customer service line, which also ends up in India and promises you 'five to ten days' and then doesn't deliver. The difference with Telstra is that they are brave enough to lie big. (I didn't actually ask the operatives if they were in India, but the line quality seemed to indicate that they were).
I phoned up Telstra and signed up for their cable plan. They offered installation two days later and gave me a number to call in event of a problem.
Two days later the sub-contracted installation engineer turned up on time. He was clearly no Telstra employee. He didn't show me any id and had an unmarked van. He also had a bluetooth headset with which he maintained contact with the Borg Collective or something. I never heard him speak to the headset though he wore it constantly. My Borg theories are confirmed.
The engineer fitted an additional cable point where we wanted it and installed a modem. He then installed some very dodgy looking Telstra software for login authentication without really explaining what it was. He then warned us of various 'bugs' with the cable system and under what circumstances to 'contact Telstra immediately'.
The engineer then checked the telephone pit and tidied up a problem with a corroded cable, which wasn't effecting service, but might of. Apart from his connection to the Borg and the wood shavings on the carpet he didn't vacuum up, he was quick and effective. He did a decent job despite (I suspect) being paid on a per install basis. Of course, he wasn't a Telstra employee.
With cable up and running I had only one problem, or so it seemed: the modem had no router, no firewall and connected directly to my wife's computer. Hardly the ideal product to install on naive end users systems. Do Telstra really have the best interests of their clients at heart? Are they serious about network security? It doesn't really seem as if they are.
I noticed that Telstra push a windows based personal firewall product you can license through them. As this runs on your main Windows box it is rather vulnerable. Once a worm or trojan owns your box it owns your entire network because that firewall will quickly be holed. I prefer a hardware firewall solution, as they are a lot harder to hack (though not impossible). I have two DSL modems with routers, firewall and wireless, but the cable makes them useless. Another solution is required.
I'll be talking about my experiences setting up a Linux box as a firewall in the near future.
Who started this OPML thing anyway?
Far be it from me to speak heresy, but this OPML thing doesn't seem terribly well thought out: if instead of sticking everything in attributes, the data was present in perfectly normal XML elements, then you could view OPML quite sensibly just by using CSS. Instead you have to use XSLT to display OPML in a nice way.
OK, well you can still make sense of OPML using XSLT, so it's all good right? Well, maybe not. Opera doesn't support XSL translations, so chances are your viewers just get a blank page in Opera. Less than ideal. (They helpfully suggest you do the transform on the server ... hello?)
While the creators of OPML might have thought it was a bonus that the text attribute didn't show up when you applied a stylesheet to the untranslated page, it isn't always what is required. If you don't want to see something in css you can always set display: none, so why put anything in attributes at all? Clearly, it's not so you can outline XML because XML is already inherently outlined.
I guess it's too late to stop the bandwagon. OPML is out there and being used, and probably isn't going to go away. One day Opera will support XSL translations. Until then, a whole range of rather nifty XSL techniques for maintaining pages in XML require server side transforms that could have been pushed out to the client.
Telstra's level playing field
Tomorrow we collect the keys to our new house, and as the phone is essential for work, my wife arranged a new phone line through Telstra. When she signed up for the line, they also offered her the chance to instantly sign up for their Bigpond ADSL broadband service. She declined Telstra's helpful sales offer. Our current home ISP is Netspace, and we chose them because (arguably) they offered the best speeds and download limits for the money at the time.
When we contacted Netspace, they were unable to get any information about the new line from Telstra, and Telstra even informed them (incorrectly I hope) that it was not a Telstra number. Due to reliance on Telstra, Netspace will only be able to begin connection of our ADSL once Telstra actually admits the line exists - whenever that might be. We can already phone the number, so you'd think it would be in their database. It's a new exchange in a mainly commercial area, you'd hope things would proceed smoothly? Apparently, it's not in the database they use to answer enquiries from external companies.
So, where's the level playing field for ISPs? Netspace can't even begin the connection process, but BigPond can start right away - and it's being marketed to you at the moment you connect your line. Similar issues apply to using an alternative long-distance carrier: most people will sign up with Telstra because it's quick and easy. I'm guessing that most people who want to get a phone line, or an internet service, don't want to wait a long time for it to be connected.
Netspace have been an adequate provider. Their service so far has been fine, though I am not thrilled with they way they terminated their 'unlimited' service when I was barely two weeks into my subscription to it, replacing it with a capped plan. They did this to everyone, but they must have known they would do this before they even sold me the service. Why were they selling a service they planned to immediately cancel? Does look a little strange doesn't it? I suppose they will do anything they can to make a sale, and no wonder when you look at the handicap they have to operate with compared to Bigpond.
Netspace's replacement capped service is still competitive on price/performance, but when you consider the way the cap is split into peak and off-peak usage, it's not quite as good as it sounds - but I see the logic in the system, and even with the split it remains fair value.
In contrast, Bigpond's offerings are very expensive indeed, and you have to wonder why they can charge more than their competitors and keep market share? I don't believe it's because of their quality of customer support, because it's not noticably different to anyone else's. Sure, you can call Telstra 24 hours, but try calling their broadband support line at 4am in the morning and see what sort of answers you get: they might be of the 'its broken and nobody will be in to fix it until 7am' kind.
If the playing field isn't level now, does the government really imagine it will be after the sell off? My guess is that Telstra will simply swallow fines and penalties for anti-competitive behaviour as part of its business strategy, as it has done in the past. As for whether the shares are a good bet, it will depend on who they get to run the company in the future. With good leadership they could go up and up ... or they might not. However much they are milking it now, the Australian domestic phone business doesn't offer much potential for business growth, and they will need serious growth to push share prices up.
Hyper New Games Hype
The gaming press is currently awash with hype about the forthcoming consoles. It seems that people can't resist articles about new hardware and the wonderful specifications it may or may not have. Commentary ranges from the ill informed and speculative to the 'insider' tech news genre. I contend that the main thing being overlooked in all these articles is that none of this new hardware's specification matters at all.
We can take for granted that the next generation of console gaming will deliver more rendering performance than the last. We've learned that it will also bring us wireless controllers as standard, but we could already buy those anyway. What's left is mainly spin and hype. However, make no mistake, there will be changes for gamers, but the hardware specification is almost completely irrelevant to them.
Developers make games, not hardware
So, what about Cell and all that jazz, isn't that going to bring us to a new gaming nirvana or something? Will games now have lovingly crafted, amusing and involving physics? Well maybe, maybe not - the PC has been quite capable of this sort of thing for several years now, and yet games that make any proper use of it are few and far between indeed.
What about the rich world of emotions and story that Cell will open up to us? Oh wait. REALITY CHECK: since when has a CPU made stories more involving, game designs better, or characters more emotive? There's more emotion in the textureless little midgets of the original PS1 Final Fantasy VII than in <pick latest Unreal Engine game of your choice> with it's shadertastic rendering system with its cathedral scaled bells and whistles.
In the end, what we get from the next generation of consoles will depend on developers: game designers, artists, programmers. Publishers and what they dare to do will also matter enormously: every single fancy feature costs time and money to develop. Those who take time to put these things in properly will be later to market and will spend more money developing the game. These things really matter, especially to publishers, who are under the impression that if your game is available on a console in its early life, with a shortage of titles, then people will buy it no matter how poor it is. This has never been true, but they usually rush products out anyway, with the same old consequences.
There are a lot of factors that make people buy a game, or not buy it: a popular license, a proven history, good marketing, good graphics, good gameplay, cult status and occasionally a product becomes so popular that people just buy it because everyone else did.
As you can see, only two of the key games 'sales' factors are related to hardware at all, and those only tenuously.
The quality of game graphics is determined very much by the artists that work on them. No amount of rendering technology can make up for bad art, but the reverse is true - good artists can do an enormous amount to compensate for weaknesses in a rendering engine.
The quality of game 'play' is supposed to be enhanced by increased CPU power, but usually it doesn't happen. Most of the CPU is used to drive the rendering side of the game anyway, and the 'game' gets the tiny slice that is left. This will not change. It doesn't matter how many execution units you've got on your Power Processor, most of them will be tied up doing something to do with rendering.
It's a simple fact that good graphics are instantly identifiable in a game: in reviews all you can see are screenshots, in the demo reel, all you really see are graphics. The gameplay won't show up until you get the game home and spend solid hours grappling with it. In a really good game, some of the best experiences won't show up until you are a long way into the game. This is the tragic dilemma: the part of your game that brings the most joy and lasting pleasure doesn't help sell it directly - only through word of mouth is the excitement conveyed. As so many reviews are full of glowing joy and satisfaction, it won't show up there at all.
So, the end result is that pubishers and developers devote most of the hardware resources to graphics. It doesn't matter how much power there is, it can always be directed at graphics to achieve a flashy effect rather than used for 'gameplay'. The companies that do this best have the best looking games. If you played the beautiful looking Final Fantasy X, did you look at the graphics and then wonder why the game mechanics were ten years old? They were still good enough to keep hundreds of thousands of gamers happy, but they weren't exactly pushing the hardware.
There will be teams that bring us great new gameplay, physics, AI, and all that stuff, but in the end they will do it mainly because of a gradual evolution in software devlopment, game software libraries, middleware and know how than because of simple hardware power - that's why we haven't really seen the 'physics revolution' on the PC yet: the software and the developers both need to mature in this area. Powerful new hardware may give them a nudge, but it can't take them all the way.
High Definition Hype
Microsoft, desperate to find something new for Revolution to revolve around is telling us it's all about high definition. This isn't going to make much of an impression, as there are still plenty of people who still watch 4:3 ratio television, which should give pause for thought about how many people actually have high definition televisions.
A few people with expensive DVD players may have genuine high definition televisions (capable of 1080 progressive scan) in the UK, and for practical purposes the penetration of high definition into Australian market is insignificant. The US penetration is probably the best, but much of that is still not 1080 progressive capable.
Really, all this talk about fancy televisions is boring. It's a small evolutionary step: high resolutions already exist on the PC and they don't make the same games an order better than on the consoles. Xbox was just about capable of delivering this stuff already, so it's not much of an innovation. As a programmer, I would rather avoid a high resolution that most people can't exploit, because you are always short of fill rate and higher resolutions only make this problem worse. Supporting silly resolutions five years ahead of their time seems only to handicap the machine.
And in the end it's all yesterday's news
When the fancy console hardware actually gets into living rooms in sufficient quantity to make a difference, it will already be behind the desktop PC. The graphics processors will probably lag top PC cards at launch, it's realy no big deal either way.
As for CPU power: no matter how Sony spins it, a Cell with a few specialised signal processing engines is not going to 'blow away' a dual core AMD64, or even Intel's latest clunky Pentium-D, or whatever they hope to have by then. By the time the PS3 hits volume in Europe, we'll be looking at quad core AMD64s for the motivated wealthy. Solid general purpose computing power (with stuff like good branch prediction), coupled with a big cache and lots of memory means that PCs will still be able to compete with the specialised gaming CPUs.
A technology lead has never brought genuinely better games to the PC, though the platform does have some different games, the differences are related more to culture, input device and display technology than anything else.
