Don’t look now, but…

(Apologies to Mr. Dylan)

STOP THE PRESSES! THIS BLOG IS MOVING!

Effective immediately, the new address for this blog is blog.kgrothoff.net! Please change your links appropriately. All existing content will be moved to the new address.

Those who read via RSS, please head over to the new blog and grab the new feed address from the top of the page. (Note to LJ users: this is already in the process of being taken care of for you - you shouldn’t have to do anything.)

I’ve finally decided I like WordPress so much that I’d download the WordPress server and host the blog for myself. I wanted all of the bells and whistles and plugins that free users here don’t get (plus I like having direct access to the database), and installation and setup was much smoother than I thought it would be. All of the posts that were available here will be available there - just replace “kristagrothoff.wordpress.org” with “blog.kgrothoff.net” in the link for any individual post.

A small number of old posts will be duplicated here, simply because there are a lot of indexed external links to them and they receive a lot of traffic - since they are in general “how-to” posts, I figured it was better to simply leave them here than to leave folks looking for solutions with a lot of dead links.

Anyhow, unless the new server catches on fire or something, this will be the last post here - please head on over to the new site if you’ve been reading for a while, and thanks for visiting!

Attention: This post now lives permanently at http://blog.kgrothoff.net/2007/06/24/pseudonymous-comment-posting/ - please go there for current updates and comments.

(N.B. If you’re one of my regular posters, I promise this is not about you. Part of this content is directed at a specific poster who will have no doubt that it refers to him or her.)

So today I had an interesting experience.

Someone posted a comment which was a little fishy to one of my older posts. Ok, really fishy. I’m not stupid, after all.

I won’t explain what was wrong with it or why, but let’s just say that in spite of the story intended to obfuscate the identity of the poster, it was pretty obvious who it came from, just from the ill-crafted anecdote. As I’ve said before, most people give themselves away with what they say, even if they are technically savvy enough to cover their tracks.

But let me just say this - if you’re not technically savvy enough to cover your tracks, don’t bother. And no, giving a fake e-mail address is not enough. Given the way ISPs work, and how infrequently your IP address will generally change, not only is it often possible to tell where generally your comment came from (state, city, whatever), it is often possible to tell where exactly it came from (as in, in this case, which house that IP was assigned to when it was sent). And if the receiver just happens to have also, say, received e-mail from you recently, and knows where to look in the headers, the receiver can compare IP addresses and know definitively where it came from.

In general, unless the comment is abusive, I don’t pay any attention to where my posters come from - I figure that’s private information.

But as I’ve said before, you’re never really anonymous on the internet. Technically savvier people have ways of hiding their trails, but this poster does not have those skills.

To the poster in question: Gotcha. Quit while you’re behind. I didn’t spend all of those years doing this for nothing.

You should be very, very embarrassed, especially given what you were trying to do.

Attention: This post now lives permanently at http://blog.kgrothoff.net/2007/06/24/go-see-sicko-no-really-go-see-it/ - please go there for current updates.

Last night, the husband and I went to a special preview of Michael Moore’s new film, SiCKO. It doesn’t officially come out until next week, but when it does, go see it. I mean it.

Now, I know, some of you begin to breathe fire and drool rabidly at the mention of Mr. Moore’s name (something I don’t really understand, but you’re entitled), but let me just say, all politics aside, that it is an excellent film. Really. Fantastic. And for those of you still drooling rabidly, even the reviewer for Fox News liked it, so maybe you should just get yourself a handkerchief and calm the heck down. Wipe your mouth, seriously. And then go see the film, and complain about it later if you hate it.

I was, for many years, among the uninsured in the U.S. And I was pretty damned lucky - the worst thing that happened to me in that time was that I got a terrible ear infection. Now, that was bad enough. That terrible ear infection cost me over $400 to treat in the mid-90’s, since I of course waited until it was too late to treat it; emergency rooms supposedly can’t refuse service because you can’t pay, see, but doctors’ offices certainly can. My ex-fiancé’s relatives were trying to convince me that smoke or urine in my ear would make it better (no, I did not let anyone urinate in my ear, thank you… but these were down-home Nascar folks, so it’s not entirely surprising, and at least they were trying to help. I think), and so I sat around miserable until I ended up in the emergency room, screaming every time my ear throbbed. And paid $400 for it, albeit over the course of several months of harassment.

But I shouldn’t complain. I didn’t have an accident. I didn’t get cancer. I got the flu several times, but I didn’t end up with pneumonia or anything. Yes, there were several times where my life would have been made easier if I’d seen a doctor, but I only got the normal stuff folks get every day. And fortunately, a cold you caught 10 years ago that is now gone is not considered a pre-existing condition, whether you went to the doctor or not.

But even insured, Americans aren’t exactly well-served by their HMOs. This is no secret, and yet there is still this myth in the U.S. that we have the greatest health care system in the world. Maybe we have the greatest health care system money can buy, and if you have the money to buy it, you can have it - I don’t know. I’m lucky enough to have great health care coverage right now, but I’d bet money that if something really awful happened to me, it wouldn’t stay that way.

Now, some of you fiscal conservatives out there are whining, “well, why should I have to pay for your illnesses if I’m healthy?” And some of you are the same people who spout the marketing hype about how Americans are the most generous people in the world. I have news for you, bud… when you have a heart attack, or you get old, some part of the system will be paying for you, whether it’s your HMO or Medicare, and if you’re not completely covered by those (as most people eventually are not), unless you’re a millionaire, you’ll end up struggling financially too. We’re all mortal, peeps. And we can all get sick or get hurt. And even if socialized medicine isn’t perfect, realize that nothing is. Running a capitalist model with people’s lives is ridiculous.

But the really great part of SiCKO, frankly, is that it shows those bits of American life that we all know about, vaguely, but are able to ignore or not experience. I’m not just talking about the folks on Skid Row in Los Angeles (if nothing else depresses you, just go see how the poor and mentally ill live in L.A. - I saw them every day on the Blue Line to work, and it is completely demoralizing), but folks like Donna Smith (who was at last night’s screening), who is a middle-class, working American who had insurance and still ended up having to move in with her kids when both she and her husband got seriously ill because of deductables. It’s not OK to throw the poor, the mentally ill, or the homeless out on the streets because they can’t pay for medical care, and it’s not OK to throw your mother, father, or grandfather out there either. Persist in thinking that what few social services we have in this country take care of everyone and complain that you don’t even want to be paying for that, fine, but you’re wrong. What Moore does brilliantly in the film is to expose what actually happens.

And then, there are the corporations. Oh yes, the corporations. Now, can someone please tell me why everyone buys into this idea that the free market will automatically settle to whatever works best? The unregulated free market will eventually settle to whatever makes money, and no more. And when I say “makes money”, I mean “makes money for the shareholders and CEO”, not “what makes money for the tax base”, since we all know that big corporations get huge tax breaks. What I found most shocking were the discussions with medical reviewers from major insurance companies and HMOs who stated flat out that they had a quota for denials (regardless of validity of the claims!), and if they exceeded that quota by denying coverage to more patients, they were given bonuses.

So… the person deciding if your surgery for colorectal cancer has an incentive (keeping his or her job, getting more pay, etc.) for finding a way to deny your claim, even if it’s legitimate.

Yeah, that works, folks. Seriously. Also? I am the Queen of England.

Moore looks at the systems in France, Britain, Canada, and Cuba afterwards, and I promise you, even if you’ve heard about the sorts of problems the British NHS has, the picture it gives of universal health care versus what we let corporations do here is so startling it will make you want to cry.

So go see the film. You’ll learn something, I promise you.

Even if you love the president.

And about those 9/11 rescue workers taken to Cuba, before you jump to conclusions, see what the film has to say. I promise you, you’ll be upset, and it won’t be about Moore being in Cuba.

P.S. Senator Clinton? Care to explain why you’re taking money from the HMO lobby? Universal Health Care advocate, my fat, white butt. You’ve got some serious explaining to do.

Attention: This post now lives permanently at http://blog.kgrothoff.net/2006/08/24/removing-u3-and-associated-bundled-software-from-the-sandisk-cruzer-micro-usb-flash-drive/ - please go there for current updates and current comments, and to respond to the post. Comments at this site are now CLOSED.
Ok, so this isn’t really a hack per se, but it’s useful information for anyone who’s just bought one of these little puppies.

I saw this nice little 1GB USB flash drive when I was in Wisconsin last week for 30 bucks (after instant rebate) at a Best Buy. I was there for something else, but my dad had just misplaced his USB drive just before an extended consulting trip to North Carolina, and I figured I’d call and ask if he wanted me to pick one up for him. (My question was really whether I should buy one or two - 30 bucks is a very nice price for a decent amount of storage, and I figured Christian and I could certainly use it.)

So 60 bucks later, I left Best Buy with two little USB drives. They’re nice and small, have a retractable USB connector, and don’t have a cap to lose (which may or may not be a good thing). I thought it was a good buy in any event. When I got to the car, though, I noticed the fine print about U3 technology and some crappy software bundled on the drive (Skype with a free month of voicemail, some password storage software, and an anti-virus package, I think). Eh, I thought to myself. I’ll just wipe it when I get home. As I’ve implied before, I don’t really like companies deciding what’s installed on my hardware for me.

Well, I finally unpacked the thing today, and for some reason or other decided to look up this U3 stuff before I plugged the thing in. I like to know what devices and software are going to do before I let them run amok on my system. Sure enough, Amazon’s reviews of the drive had lots of complaints about the U3 Launchpad application running everytime the drive was plugged in, lots of undesirable stuff going on in the background, errors if the drive was not removed using the U3 tool instead of the Windows “Safely Remove Hardware” application, etc.

Ewww… I thought. This could suck… Bunches of people griping about it can’t mean anything good.

Of course, I’ve overestimated people before.

But after finding out how to fix it and forwarding the link to my father (who I hadn’t talked to since he got to North Carolina and started using the thing), I found out even he had had trouble with it. He’s a darned smart cookie, and he was pretty irritated:

It is REALLY annoying. It even told me that I had removed it improperly without using the f@3$%$*** eject button, even though I had disabled it from windows. … [I] will fix it after I transfer my files, but it’s nice to know that I don’t have to throw the damned thing away!

So I figured posting the fix might not be a bad thing, and might speed up some frustrated person’s search on how to get rid of the unwanted software. Fortunately, poking around at the SanDisk site reveals that it’s pretty easy to get U3 and all of the associated crap off of your drive.

Here’s how it goes, if you’re running Windoze (I don’t know if U3 even runs for other OSs, so if you’re running MacOS X or a *nix distro, the fix may be as simple as just formatting the drive):

1. If you’ve used the device before, make sure you’ve gotten everything off of the drive you need. You’ll be reformatting it. (The application may have an option that allows you to keep the data - I don’t remember - but better safe than sorry.)
2. Plug in the drive - the U3 launchpad will load. You can close the U3 tour program and whatever main window pops up if you like, but leave the U3 launchpad icon in the system tray enabled (i.e. don’t exit the launchpad application entirely).
3. Download SanDisk’s U3 Launchpad Removal Tool (opens in new window) - as the site says, make sure the USB device is plugged in and Launchpad is still running.
4. Run the tool, and choose the option which completely removes U3 and formats the drive.

Voilà, you now have a regular old USB drive which you can break in any way you want.

(Edit: If the SanDisk tool above doesn’t work for you, you might try the uninstall tool from u3.com - thanks to Olaf for the information. I had no trouble with the SanDisk tool, but I can only speak for myself!)

I admit that I am not a fan of bundling unwanted applications with devices or other software. Hell, I get annoyed with programs that install links to URLs for internet providers on my desktop, let alone executables that hide on my disk doing God-knows-what. (Well, ok, I have a pretty good idea as to what, but that’s only because I take the time to find out and eradicate them.) This is just one more example of how companies think it’s really OK to do whatever they want with your machine once you’ve bought something from them - purchase this OS, and you tacitly agree to relinquish control of your data. Purchase this DSL package, and you agree to have MSN as your ISP, even if you don’t need the service. Purchase this hardware, and you agree to let data be tracked that you would otherwise keep private or to run certain applications on your machine that you have no desire or need for.

Now, I understand that part of the reason that drive was so cheap was probably because there was some monetary incentive to SanDisk to push U3 out to consumers. And it was easy enough to get rid of once I looked for a solution. But let’s face it - Joe Blow who uses his CD drive for a cup holder and thinks he breaks the Internet every time his connection lags is not going to know how to find a solution. My feeling is that unless the software is clearly advertised on the packaging along with an explicit mention of how to get rid of the software, companies have no business installing or running anything on your machine that is not directly related to the product you intended to buy.

I loooooove corporate America. Yes, yes I do.

Standard disclaimer: If anything breaks as a result of following any instructions anywhere on this site, the responsibility lies with you, not me. I’m a poor academic - suing me would be pointless anyway…

Attention: This post now lives permanently at http://blog.kgrothoff.net/2006/08/12/how-to-disable-the-actiontec-dsl-modem-web-activity-log/ - please go there for current updates and comments.

So today Christian and I were setting up the extended network in our new house here in scenic Denver. I set up the DSL modem just for my computer yesterday, since Christian has no power in his suite of rooms, and noticed that the modem had a “web activity log” utility and thought, grumbling, that we’d have to get around to turning that off, because surely there’s an easy way to turn that off, right? I put it out of my mind and went out to dig holes in the garden.

Now today, we decided to get Christian set up temporarily until his study is ready to go, so we moved everything around, reconfigured the network, and threaded a lot of cords and cables into the room next to my study. When we were going through the modem configuration page to set things up, Christian saw the web activity log, and his head started spinning around. Now, we had no choice of modems when we ordered from Qwest, and I did not look around on the web enough to notice that Actiontec advertises this as a “feature” (you know, so that you can keep an eye on what your kids/husband/dog are doing on the internet). But clearly this is not something we want.

Sorry folks, but the last thing I particularly want is a modem that is keeping track of what I am doing. When I surf the net to satisfy my Bernd das Brot fetish, I don’t think it’s really anyone’s business. More to the point, in these days of creepy surveillance everywhere, I don’t particularly think it’s a good idea to have hardware sold to me by my ISP keeping track of what I do on the internet, even if Qwest was the only major phone company not to sell customer information to the NSA. It’s not like Qwest couldn’t keep track of what we were doing on their own, but this does seem like a suspiciously convenient solution to the problem of ISPs having to store huge amounts of customer data - why not have the customers store it on their own? And let’s tell them it’s a “feature”! They’ll be thrilled.

Neither Christian or I were happy about it, and while we found a few posts on the net complaining about this “service” being available (and not readily removable) to the customer without his or her consent, we found no solutions. Fortunately, the Actiontec GT-701 (and several of their other modems, it seems) is running BusyBox (a tiny little Linux distro intended for embedded systems), so you can actually telnet in and do stuff to it. With quite a bit of poking around, Christian found where the activity log hides, and we symlinked it to /dev/null to get rid of it. Worked like a charm! There are no guarantees that they won’t hide it elsewhere if folks start shutting off their logs, but in the meantime, here’s the dummies’ guide to how to get rid of that activity log (the only assumption I make is that you can read and you have access to some sort of a telnet client - there’s nothing hard about this):

First, you’ll need to telnet in to your modem with your administrative username and password. If you don’t remember it, it can be changed from your browser on the modem’s web page under Advanced Utilities > Admin Username & Password. In general, unless you’ve done something fancy, your modem (and its web interface) is at 192.168.0.1. If not, you probably know where it is. Anyway, telnet to wherever it is:

> telnet 192.168.0.1
Trying 192.168.0.1...
Connected to 192.168.0.1.
Escape character is '^]'.

BusyBox on (none) login: youradminusername
Password:

BusyBox v0.61.pre (2006.02.18-05:21+0000) Built-in shell (ash)
Enter 'help' for a list of built-in commands.

#

Ok, so now you’re in. You’ll want to change to the directory where the log is hidden:

# cd /var/tmp

The file you’re looking for is log_web_activity. First, you’ll have to remove the file so that we can make it point to something harmless:

# rm log_web_activity

Now, and this is important, in order to prevent the log from being written to, you need to create a symbolic link from the old file name to /dev/null (if you know nothing about Linux/Unix/whatever, think of it as a lovely black hole to which you’ll be shipping your data). If none of that made any sense to you, fear not. Just type what I tell you to type. Afterwards, that pesky file should disappear for good!

# ln -s /dev/null log_web_activity

Now log out of the modem, and you’re home free:

# exit
Connection closed by foreign host.
>

Edit: Note that you’ll have to do this anytime the router reboots. Since, as Christian kindly notes in the comment below, /var is a partition in RAM (and thus it - and your symlink - get hosed on shutdown) and the startup scripts can’t be edited since they’re all in read-only memory, you can’t do anything about it permanently unless you’re industrious enough to build a new ROM image.

In short, anytime your modem loses power or reboots, you’ll have to go through the steps above again.

That should be it.

Now, I’m not saying there might not be people who might have uses for that activity log, but I just don’t think there’s any good reason for my ISP or the manufacturer to put something like that on my modem by default without asking for permission, and plenty of evil reasons for them to do so. This is bad form by industry, and given that your average Joe is unlikely to take precautions to make the box less accessible from the outside, it seems to me to be a reasonably serious violation of privacy. Or maybe the FBI will start getting subpoenas for web activity logs for all Americans who’ve looked at German websites this week dedicated to grumpy bread-shaped puppets with arms that are way too short because some terrorist had bread for breakfast.

Either way, bad idea, Qwest and Actiontec. Bad idea.

Disclaimer: I’m not affiliated with Qwest or Actiontec. Sometimes I’m barely affiliated with me. I also take no responsibility for your modem breaking, exploding, or calling up the FBI to tell them about your bread-shaped puppet fetish. If you really don’t know what you’re doing, call someone (not me) and ask. Use this information at your own risk.

Edit: Thanks to bluezoo7 for catching my typo in the log path…