“The Green Rush”

I’ve come across several articles talking about the marijuana trade in California. The state has permitted medicinal marijuana for a while now, but a growing number of Californians are calling for full legalization, regulated much like the alcohol industry. The reason is simple: no one knows the hard numbers, but most estimates are that it’s a multi-billion dollar industry in California alone, and some estimates for taxes indicate that it could bring in close to a billion dollars in tax revenue.

Another interesting reason is something I saw proposed by, of all people, someone on the far-right, who complained about the far-reaching grip of Mexican cartels. What would happen, they pondered, if the sale and consumption of domestic-grown marijuana were permitted? Wouldn’t the marijuana drug trade with Mexico cease to exist overnight?

Another interesting argument I heard compared current marijuana laws to the Prohibition, a time when gang violence ran rampant to collect illicit alcohol profits, and when alcohol use was rampant and quality was poor. (Moonshine!) John Rockefeller, who had supported the Prohibition, noted that it had actually served to increase alcohol consumption.

There’s a risk that the Mexican cartels would up the pressure on more dangerous drugs, I suppose, or that an unreasonably high tax could keep the black market going. But for a plant that’s supposed to grow like a weed, it seems that legalization would deal a crushing blow to the lucrative, illegal trade, and now, more than ever, the country needs the tax revenues. Regulate it just like alcohol: driving a car while high should be illegal (and surely already is), consuming it in public needn’t be permitted, delivering it to minors shouldn’t be permitted, and selling it without a license to do so can be prohibited. Oh, and you can tax the heck out of it. When the government is making hand-over-fist the money that’s currently going to drug cartels, and when the police stop imprisoning people possessing minor amounts of the plant, I think it will become clear that it was the right decision. Possession of small amounts* of marijuana has been legal in Massachusetts for a while, and the state hasn’t imploded. In fact, I don’t know a soul who has even exercised their newfound right to possess it.

(* I think an ounce of marijuana is actually a pretty considerable amount?)

Since government loves regulating things and taxing them, let’s start treating marijuana like tobacco and alcohol, both of which are dangerous and addictive vices.

Canon Rebel T1i

I was at Costco today and noticed that they were selling the Canon T1i, a new digital SLR produced by Canon. It’s an ogle-worthy camera, with two especially notable features: ISO3200 sensitivity (expandable to include ISO6400 and ISO12,800) to help get shots in darker settings, and video, both at 720p (30 fps) and full HD at 1920×1080, but only 20fps.

I briefly toyed with the one in the store. It had no lens or storage media, which made it hard to use, but I was pretty impressed. It feels like it’s built a bit sturdier than the XTi and its siblings, though I don’t know whether or not it actually was. The LCD is vastly improved, and makes the LCDs on older cameras like my 10D seem laughable. It’s a full 3″, and much higher-resolution. The graphics on the menus were also improved, no longer looking like they were from the 1980s. There’s a dedicated ISO button for rapid changes, and it has the “Custom Functions” that the XTi series lacks. The resolution was needlessly increased to 15 megapixels. Somewhat unconventional for higher-end DSLRs, it uses SD and SDHC, as opposed to the CompactFlash cards Canon has used for years and years. Oh, and there’s HDMI out.

I’d previously sworn this camera off. It was too expensive, and if I was going to spend close to a grand on a camera, I might as well spend a bit more and get the 5D Mark II. But after handling it in the store, I’m now obsessed. B&H has the best prices I’ve seen so far: $815 with the 18-55mm IS lens, and $770 without. (Incidentally, the lens appears to go for $75-125 on eBay.) It’s really tempting to sell my current camera and trade up.

Edit: NewEgg has the kit for less. Shop around because prices vary a lot. The kit is currently only $40 more at some places.


A lot of people in the tech industry have long compared DRM to an Orwellian, big-brother setup. That’s precisely what makes this story so ironic. To be fair, it’s practically an industry-wide practice: although Apple recently started offering its music DRM-free, the iPhone is still a platform that Apple keeps strict control over; Microsoft’s music store is DRM-laden and has even stranded customers. Oh, and Apple’s latest iTunes version supposedly did nothing but prevent functionality with the Palm Pre.

I like it when things like this happen, though, because it gets DRM purchasers riled up, and I like to think that there’s going to be a point at which people stop buying music and videos that won’t play until they can phone home and make sure you have permission to view them. Sure, piracy is a problem, but it’s not my problem. Now that I’m able to buy DRM-free music, I have no problem spending $1 on a good song. Now that TV stations have gotten with the program and begun to offer their content online, it would be pointless for me to try to download torrents of them. I like to think that people are starting to wise up: give us DRM-free content, or give us nothing.

Movie Review: Bruno

I went with some friends to see Bruno (err, Brüno) today. Borat ranked among the most hilarious movies I’ve ever seen, so I had high expectations for Bruno, a movie about a flamboyant fashion reporter from Austria.

A coworker, in describing the movie a few days ago, compared it to a trainwreck: there were parts that were really, really bad, and yet you couldn’t walk away. Borat had some parts that were so offensive and so utterly over the top that it hurt to laugh, yet at the same time, you felt a little offended. I thought Bruno often flipped that: it was a little funny and quite offensive.

Most sexual scenes are blurred out, but there is a bit of, err, graphic male nudity, that was, regretably, not blurred in any way. Much like the other over-the-top scenes, it reached the point of hilarity, but then kept going until it became disturbing, offensive, and not funny.

The movie definitely had parts that were laugh-out-loud funny, and that left me in pain from laughing so hard. But many other parts seem to have horribly offended gay rights groups, while thoroughly disgusting heterosexuals. There were several points in the movie in which I truly thought that Bruno was in danger of being killed, including one in which he travels to the Middle East and dresses in traditional Orthodox Jew attire, except he adds his flamboyant flair, and is chased by many outraged people. He meets with a terrorist while in the Middle East and does nothing but offend him. He goes hunting with conservative hunters and starts hitting on them, at one point stripping nude in the middle of the night and trying to enter someone else’s tent.

The movie somewhat followed the formulaic plot of Borat, which left the movie a bit predictable, and which I didn’t think really made much sense to duplicate. Overall, I’d say that the movie had moments of sheer hilarity, but could have been condensed to about 20 minutes, with the removed 60 minutes being comprised of about 10 minutes of filler between the funny parts, and 50 minutes of stuff that went too far and became offensive, or which was really much more graphic than was needed. Everyone who saw the movie with me seems to have drawn the same conclusion: funny at times, but I really wouldn’t recommend it.

And, dear God, to the mother who brought her early-teens son to the movie and sat in front of us: what in God’s name were you thinking?

Blocking Ads

A while back, Internet advertising was incredibly obnoxious. Sites would draw you in, and then they seemed to care more about ad impressions than their content, so you would be barraged with advertisements. Popups, popunders, flashing ads, ads covering content, ads playing sound, ads trying to install software, ads resizing windows…

Switching to Firefox prevented the egregious stuff that should never be allowed (like popup ads resizing windows and installing software), but it was still a nuisance. One day I discovered AdBlock Plus, and I basically never saw any ads again. For a really long time, life was great.

Over time, my conscience got to me. (The fact that my paycheck comes from an ad-supported site might help, too.) Whilst certainly not legally-binding, I came to see a lot of Internet sites as having a tacit agreement in place: you can access our content for free, as long as you view our ads. It’s kind of like commercials: there’s no expectation that I’ll sit glued to the television and watch every second of them, nor is it expected that I’ll do business solely with companies that advertise on TV. But commercials are the only reason I can watch TV for free, just as ads are the only reason many of the sites I enjoy are free.

So I turned off AdBlock Plus, and started viewing the web the way a lot of other people saw it. And I felt good about myself. Even if it’s only a few pennies at a time, I was helping to support the sites I frequent. Every now and then I’d find an ad that was actually interesting or relevant, and I’d click on it.

But then I had another revelation. A lot of Internet ads aren’t at all like commercials. It’s like a gang of mobsters leaping out of my televisions at commercial breaks, holding me on the couch and performing annoying charades while showing me graphic photographs of how well their male enhancement products work, all the while making an awful racket and getting in my way. And it’s like commercials that pop up in the middle of a suspense-packed action screen, completely obscuring whatever is going on. In the few years when I didn’t  view advertisements online, it seems that advertisers have had to become even more obnoxious to cope.

And for that reason, I have reenabled AdBlock Plus. I sometimes think I should allow it to display advertisements on some sites that I frequent that display only tasteful ads, but other times, noticing just how obnoxious ads are, I think it’s not worth my time.

What I feel worst about isn’t a sort of “soft theft of service,” but the fact that I may unknowingly link friends, coworkers, or blog readers to sites with popups and obnoxious ads, because I don’t ever see them. It’s a cruel world out there.

What are these hostnames?

I’ve been getting slammed with spam lately. It’s all to a handful of spamtraps on a few domains I have, so it’s actually wonderful that it’s happening, because none of it hits my inbox; spammers are just adding themselves to a blacklist.

I’ve been watching logs and connections, and noticed that a lot of clients are sending bizarre HELO strings in all upper-case with random letters. The pattern seems vaguely familiar, and “Windows workgroups” is coming to mind. Do these hostnames look like that? If not, anyone have a clue what is generating these?

  • helo=<PAXCUKKG>
  • helo=<NYQYUOMZL>
  • helo=<LMVXJTSES>
  • helo=<CKIXNPSWT>
  • helo=<XAXFJJYARI>
  • helo=<PVXXAZG>
  • helo=<JAEGSJZG>
  • helo=<ROEXRPII>
  • helo=<BOAQJJLY>
  • helo=<SHVRBJWD>
  • helo=<ABFCMWVYB>
  • helo=<TJMTPVEWS>
  • helo=<MZPLTGALG>

Incidentally, this argues towards the use of the reject_non_fqdn_helo_hostnames parameter, except that in my case, it would just block them from hitting a spamtrap. (Although really, a very small minority of good mailservers are thought to be misconfigured and identify themselves without an FQDN HELO, so this isn’t 100% safe.)

When I get around to it, I think I want to set my new server up with a little FreeBSD virtual machine and use spamd to torture spammers by talking to them at 1 byte/sec.


I’m yet to see who has purchased Pocket Ref give it anything but a 5-star review.

The concept is repeated in various niches, too (from different authors): AutoRef focuses on car, Pocket PC Ref for computers, Handyman In-Your-Pocket for… handyman stuff…?, and even Pocket Partner meant for cops, but with a lot of reviews from people who find it useful for dealing with Hazmat stuff.

I think I’m going to have to pick some of these up. They’re pretty slick.

False Positives

For someone providing e-mail services, allowing spam through is bad. Go0d mailserver admins get their spam rejection rate as high as they can.

But for someone providing e-mail services, flagging good e-mail as spam, known as a false positive, is really bad. Good mailserver admins have a false positive rate of 0%.

Looking through e-mail bounces from a (legitimate, opt-in) bulk e-mail sender, I’ve discovered a few things that are done wrong. For one, people are just using really bad lists. The five-ten-sg.com blacklist is a notorious example. It took me a long time to get unlisted from them, because someone else in the same datacenter had sent them spam once upon a time. They’re far from the only blacklist doing this, but the point is the same: look into the blacklists you use before you reject mail because of them!

Another thing, though: don’t reject mail because one blacklist says it’s bad. When I get around to setting up a new mailserver, my plan is to score IPs based on how many blacklists they have, weighing more accurate blacklists more heavily. Tools like SpamAssassin do this already. (My plan is to delete from the graylist table when IPs show up in numerous trustworthy blacklists; my area of interest is in the ability to reject mail before they even deliver the message body.)

In other news, my table of IPs that have delivered mail to various spamtraps in the past week have been in overdrive. Just over 2,000 hosts; the most recent 100 all came in within the past 8 hours. The month’s graph is pretty surprising:

The list is available here, but heed my warning above: don’t trust it alone.


Any time I’ve worked with performance tuning, I’ve found that caching gives the highest rewards with the least work. It’s entirely possible to see thousand-fold increases if you employ caching in the right places. My WordPress install used to run complex SQL queries on every page, and I benchmarked it at 4 pages/second under ideal conditions. I now do some trivial caching of the results of those queries and can push over 400 pages/second. Your OS caches files in unused memory since it’s so much faster than disk, and your browser caches static assets on a site so your browser doesn’t have to download them again for every page view.

But here’s what I’m actually posting about: What is it with people and cleaning out their caches all the time? It’s like caches are some sort of gunk that builds up and clogs up the works. It’d be like me being distraught to find that money is clogging up my bank account and trying to find a way to purge all the money so I had more room in the bank. This is one of those things that’s slightly amusing and only slightly irritating, until you talk to the tenth user in a row who talks about clearing their caches to try to make their computer faster. Why?! What is going through their heads?

Mastering your tools

One thing I’ve found with computers is that most people only learn the basics of many of the tools they use daily. Articles like My top 8 time-saving Firefox shortcuts are great ways to quickly pick up on the little things I never knew about (Ctrl+K to jump to the search bar, and Ctrl+L to jump to the URL bar!).

Today I found myself with a badly-formatted CSV file. Many of the last columns had newlines in them, which isn’t something a CSV should have. I fired up vim, and after a couple minutes, found out the regular expression to find any line that doesn’t end with a quotation mark: /[^”]$/ will do that. (Aside: regular expressions are giant pains, but I don’t know of any easier way to do what they do. I could write code to iterate over every line, but then I’ve got 15 lines of code instead of five obscure characters.)

Pressing “n” jumps to the next pattern matching that, and “J” pulls up the previous line to the current line. “n” again to the next match, and then “.” (easier than Shift+j for an uppercase) repeats the J. I soon realized that there were more instances than I thought, though. The ideal way would be have a regular expression to do the replacement, too, but I couldn’t find an easy way, so I did the next best thing and defined a macro. “qr” defined a macro named “r”, and pressing “n” and then “J”, the two steps from above, recorded them as a macro. “q” again stopped recording, and then “@r” ran the macro. Of course, “@r” (@@ does the same thing) wasn’t much easier to type than “n.n.n.n.n.n.n.” over and over.

So I ran “100@r” to run the macro 100 times. I realized that there were way more cases than I thought, and “10000@r” finished it off.

I was left noticing a few things. One is that many of these things were really obscure. To a UNIX power-user, it’s perhaps cake, but to a more average user, it’s black magic. I decided a while ago to make an effort to really learn vi. I’m only a small fraction of the way to mastery, but I’ve found that the time I invested in learning the lesser-known features has been well worth it.

Another thing I wonder about is how I could have done this more effectively. It seems like there ought to be a way to run a vim command for every spot that a regular expression matches. And putting a huge number in front of a macro to run it as many times as needed seems like a hack. At the same time, I know that using a heavyweight text editor was a no-go. This was an enormous file and text editors were dying under the load of trying to deal with the whole document. vim doesn’t mind a gigantic file.

I’ve learned some handy shell tricks and more about MySQL in the past year, too, and both have gotten me far. It sometimes doesn’t seem worth the time, but every time I’ve made an effort to really master all the nuances of a tool, I’ve recouped my time investment many times over.