Ketil Froyn's blog

SugarCRM IMAP and SSL compound issue

I'm busy setting up SugarCRM community edition 5.5.0, and learning about how to use it for sales, marketing and support activities. Installing on Debian and getting started was pretty easy, but when setting up SugarCRM to check mail, I ran into a couple of issues.

Firstly, the email in this case is hosted Exchange 2007, and I was setting up IMAP access. To do that, I needed to use SSL access, but the Inbound Email Account refused to let me save the SSL option set. I selected SSL, and it changed the port to 993, but SSL showed as off when I next viewed the account details.

To fix this, I first tried to edit the database directly, something like:

update inbound_email set port=993, service='::::ssl::imap::::' where deleted=0 and server_url='imap.example.com';

For some reason, however, it kept on stalling when I tried to connect, so this didn't solve the issue for me.

Next I tried to set up a plaintext IMAP server on the SugarCRM server, that just tunneled the connection to the Exchange 2007 IMAP SSL server. I did that using stunnel and tcpserver, with a setup something like this:

HOST=127.0.0.1
PORT=143
USER="Dimap"

exec /usr/local/bin/envuidgid $USER /usr/local/bin/tcpserver -U -D -c 20 $HOST $PORT /usr/bin/stunnel3 -c -f -r imap.example.com:993

And then I just used "localhost" and no SSL in my SugarCRM configuration. However, this also failed when I tested the setting, giving me the error "SECURITY PROBLEM: insecure server advertised AUTH=PLAIN Please check your settings and try again.", which is a php error message when connecting to an IMAP connection. That is of course correct in the general case, but when connecting to localhost, it's not a security issue. This wasn't meant to be easy...:)

Digging around online a bit more, I came across this workaround, which actually involved editing the source. That's usually a fix to steer clear of, because it is highly likely to break no the next upgrade, but I went ahead anyway. Doing what jeff.esquivel suggested worked fine for me.

At least I got it working finally. The ideal solution would be to solve the timeout with the initial connection after I edited the DB, but I didn't have time. Hope this is useful to someone out there.

Fuel from termites: methane

I stumbled across an article online about methane emissions by termites. It's a short article, and discusses "Human Impact" and "Potential for control".

However, the idea struck me that it should be possible to farm termites for their methane, collecting the methane and using it as fuel. It's a potentially low-tech method to convert cellulose to a gas fuel. It's probably a wacky and utterly useless idea, (ie. how to transport enough cellulose to the termites, where to keep them in a good climate, how to control the climate, risks related to release of methane, etc) but it's mine, so I'm keeping it!

IDNA failure of URL shorteners

After reading mashable's article on idn phishing today, I started playing with IDNs and a "fake" version of paypal.com. That turned out to be quite interesting.

Firstly, problem with different, but same looking characters, is an issue that many have been aware of for years and years. But since ICANN are fast tracking the IDN ccTLD process, this could start affecting domains on some ccTLDs in 2010.

But while I was playing around with the domain www.pаypаl.com (those as are not what they appear to be), I spotted some failures of IDNA in some very popular applications. Check out these shortened URLs:

http://www.pаypаl.com/ => www.xn--pypl-53dc.com The original IDNA name, as it should be
http://bit.ly/5nwoTN => www.p%d0%b0yp%d0%b0l.com
http://is.gd/5J7RX => www.p%d0%b0yp%d0%b0l.com
http://tinyurl.com/ydoswae => www.pаypаl.com
http://doiop.com/haq71d => www.p%d0%b0yp%d0%b0l.com
http://cli.gs/YU0Rsu => www.p%d0%b0yp%d0%b0l.com
http://zi.ma/72ee21 => www.p%d0%b0yp%d0%b0l.com
http://twurl.nl/ykue1g => www.p%d0%b0yp%d0%b0l.com

Interestingly, all of the above fail. I guess they all need to learn about IDNA and PunyCode.

It was also interesting to note that Facebook actually converted the link to punycode, as: http://www.xn--pypl-53dc.com/. Not bad!

Gift ideas

I'm a procrastinator. So I usually end up doing stuff at the very very last minute, or a bit later. So I was really pleased to come across these last minute gift ideas, where some can even be bought online now and given in about 2 minutes. Great when you're in a squeeze and need to buy a gift fast!

Hope you find that useful. :)

Windows 7 sells because Windows Vista sucks

According to this article, Steve Ballmer says that Windows 7 sells twice as fast as any other Microsoft OS in the same period. And he puts it like it's a good thing.

Here's an alternative analysis. Millions of computers have been sold with Windows Vista preinstalled during the last couple of years. Some users and businesses have "upgraded" to Vista, because upgrading usually sounds like the right thing to do. Now they're fed up with running a disabling operating system on their computers. With the down economy, people buy Windows 7 to be able to use their computers productively. It's good for Microsoft to have the squeeze on their customers.

Video clip downloads

Are you looking for video clip downloads? Clipcanvas offers professional quality stock video clips for purchase and download. Almost regardless of which video editing suite you are using, Clipcanvas delivers a professional quality video clip for download that will suit your workflow.

To get started, register on Clipcanvas to search the entire stock video footage database available, and work creatively by using the preview free video clip downloads. You can make test productions to secure the project before you pay anything to buy video clips on Clipcanvas.

Good luck.

Installing Debian Lenny on a Dell 1950 III - Remotely

I decided to reinstall a server today, and wanted to install Debian Lenny (5.0.3) on a Dell 1950 server. The challenge was that the server is somewhere else. But fortunately, I have a DRAC5 card set up, so I can get remote console and reboot when necessary, etc.

First of all, the server was running windows from before. I used VMware Converter to back up the entire computer, and consolidate it onto another VMware system. (Now I just need to find out how to convert VMware images to Xen images).

Next step was to install Debian. I followed the instructions at http://www.debian-administration.org/articles/478 to install from PXE boot, except that I used Lenny packages and amd64 architecture, available at http://ftp.uk.debian.org/debian/dists/lenny/main/installer-amd64/current/images/netboot/debian-installer/amd64/. I downloaded all files and subdirectories from here into my /var/lib/tftpboot directory, and did the following for internal references between files to be correct during install:

cd /var/lib/tftpboot
mkdir debian-installer
cd debian-installer
ln -s ../ amd64

Then I booted my Dell server, making sure to select PXE boot by hitting F12 on the remote console at boot time. The installer started, but then I ran into the problem described at http://insanelabs.com/debian/debian-lenny-cannot-load-broadcom-nic-drivers-asking-for-firmware-bnx2-06-405fw-during-install/. Argh! So now I also need to insert a flash pen (or something) with some files during the install.

After a lot of trying and failing, I found the following:

Virtual Media won't work on my Firefox 3.5
Virtual Media won't work on my IE8
Uploading a Virtual Flash drive didn't work on Firefox 3.5
Uploading a Virtual Flash drive WORKS on IE8. If the image is small enough. 16MB was too big, 4MB was ok.

But as you have guessed, I had to create a Virtual Flash image file, which I later uploaded using IE8. I had to do that, because I don't have hands-on access to my server (without paying for it). So to create the necessary virtual image file, I did the following. You can maybe skip a step or two, but this worked for me.

dd if=/dev/zero of=flash2.img bs=1M count=4
/sbin/fdisk flash2.img
> x
> c
> 2
> r
> n
> p
> 1
> 1
> 2
> t
> b
> w
losetup -f flash2.img # From here, I assume you also get loop0. If you're not sure, be VERY careful from here...
mkfs -t vfat /dev/loop0 # apt-get install dosfstools if you don't have mkfs.vfat
mount /dev/loop0 /mnt/tmp
cd /mnt/tmp
wget http://ftp.se.debian.org/debian/pool/non-free/f/firmware-nonfree/firmware-bnx2_0.4+etchnhalf.1_all.deb
wget http://ftp.se.debian.org/debian/pool/non-free/f/firmware-nonfree/firmware-bnx2_0.14+lenny2_all.deb
cd /
umount /mnt/tmp
losetup -d /dev/loop0

Following this procedure, the file flash2.img was an acceptable flash image that worked when I uploaded and enabled it on the Dell DRAC5 card during the Debian install.

But of course, that's not all. After finally installing Debian, and rebooting, the system won't boot. Apparently, partition and disk configurations are wrong. I had to edit the GRUB boot command line, and change root=/dev/sdc1 (which was wrong) to root=/dev/sda1. When the system boots, edit /boot/grub/menu.lst, changing all entries of sdc1 to sda1. Also, edit /etc/fstab, changing references to sdc to sda.

Finally I have a system that boots each time I try (so far, anyway). It wasn't plain sailing, but now I know how to remotely reinstall a Dell server with Debian Lenny. :)

URL shorteners: Publicize links

All serious URL shortener services should publicize information on all short links and what long links they point to. This should be seen as a public responsibility.

As more online traffic follows these short URLs, there will be more business value attached to the sum of this traffic. If you are a small business incidentally getting large parts of your traffic through short URLs that have been used online, you could end up as collateral in the fall of the URL shortener in question.

The URL shortener tr.im is now discontinuing its service, leaving all tr.im links ever used dead.

As a user, only use URL shortener services that publicize links. I don't see what good it does the user not to publicize this, given the nature of the service. If I did miss a useful use case for this, I suggest the URL shorteners make this an out-out feature, so users can choose not to publicize if they so wish.

You could, of course, just use the major URL shortener and hope it doesn't die out. But shocking outages and bankruptcies do happen. Would this one be so shocking?

Suggestion: HTML REF tag

I have a suggestion for a new HTML tag. My unresearched suggestion is to make it the REF tag, and it could work something like this: <ref href="http://www.example.com/">>Some text</ref>.

The behaviour of a REF tag should very closely mimic the behaviour of the A tag, in that it creates a clickable link. The semantics, however, are different. It should be taken to mean that the current page is referring to the page referenced, http://www.example.com/ in the example given. To a reader (bot or human), it should be interpreted as "the current page is a reference to the information on the URL given, as an answer, corroboration, disputing the information, or in other ways responding to the information given at URL".

This could be used by the author of a page to indicate that she is giving a specific reply to another page. If I were to comment on an article published online by CNN or The BBC, I would add a REF tag to my page, and search engines and other services could display this is a comment. A browser plugin, for example, could use such a service to show a reader of the original page a synopsis of my article, thereby giving anyone the possibility to reply to any article published online by anyone, on their own page, and still let it be discoverable.

It is possible that only one REF tag should be accepted per page. Perhaps it should be allowed only in the <HEAD> of a document? I'll leave that to more well informed people to decide.

Open Source Public Software

I think publically funded systems should be made open source. For example, systems like ticket systems, voting systems, hospital systems, law enforcement systems, and probably lots more, should be developed as open source projects. This is a good idea because:

It avoids vendor lock in.
For systems paid by tax money, it gives any tax payer the control to evaluate what is being created, and even take part if they like.
It allows countries, governments or states to cooperate and collaborate in creating and maintaining solutions that are similar or the same in many countries.
It allows for interoperability between systems in different countries
Systems developed for use in one or more countries can later be reused by other countries, including developing countries.
Parts of systems can be branched to separate libraries, allowing for reuse in multiple systems.
If development is sponsored by one or more countries, there is great opportunity for companies to earn well on both development and support of these systems, many which will be complex.

I believe these arguments make a strong case for changing the way publically funded systems are developed. I'd be happy to hear arguments for why this would be a bad idea. But this is unlikely to ever happen unless it is made a requirement by the public.

Professional HD stock footage - Clipcanvas.com

Clipcanvas.com is a major professional stock video footage site.. All footage is vetted by professional curators before publishing. To a user searching for footage, this means your search will be more efficient, allowing you to find what you are looking for faster.

Check it out: Professional HD stock footage.

More Ubuntu inittab/event.d woes

Not only did Ubuntu change inittab to event.d/, now they changed the format of files in event.d/ in the move to 7.04 - Feisty Fawn, and I didn't find the format defined in any relevant man page.

I upgraded to 7.04, and svscan wasn't running any more. I added the /etc/event.d/svscan from my previous posting, and when I tried to start it I got the useless error:

start: Unknown job: svscan

Brilliant... So what's wrong now? Apparently the format of the file. The correct format is now:

# svscan - daemontools
# 
# This service maintains an svscan process from the point the system is
# started until it is shut down again.

start on runlevel 1
start on runlevel 2
start on runlevel 3
start on runlevel 4
start on runlevel 5
start on runlevel 6

respawn
exec /command/svscanboot

Now it's again possible to run start svscan to fire it up.

daemontools on Ubuntu 6.10

So I installed Ubuntu 6.10, and proceeded to install daemontools. Everything worked as usual, I had to fix the errno issue, and voi... huh? svscan didn't start!!

I poked around a bit and found out that Ubuntu has apparently dropped /etc/inittab in favour of /etc/event.d. So /etc/inittab doesn't exist any more, and nothing is done for backwards compatibility. Idiots...

So here's the solution for daemontools. Follow the instructions on http://cr.yp.to/daemontools/install.html. When you are done, create the file /etc/event.d/svscan with this content:

# svscan - daemontools
# 
# This service maintains an svscan process from the point the system is
# started until it is shut down again.

start on runlevel-1
start on runlevel-2
start on runlevel-3
start on runlevel-4
start on runlevel-5
start on runlevel-6

respawn /command/svscanboot

Then, as root, run start svscan, and it should be up and running!

Download mp3 tracks with no DRM

I've searched around a bit and finally found a place I can download reasonably priced music from a site that isn't legally dodgy. At eMusic I have so far downloaded my 25 free songs in my trial period, and I'm really happy with all the stuff I found. eMusic only has independent labels, so you won't find all the crap you hear on the radio there. There's a wide selection of different styles of music there, and with the price being down to one tenth of what you pay on iTunes, for instance, it's pretty cheap!

Happy downloading,
-ketil

Uri Geller debunked

Sometimes the name Uri Geller pops up in every day conversation. It appears that Uri has been pretty thoroughly debunked, but I guess only people who take a special interest keep updated on this.

There's a concept that the more incredible a claim is, the more credible the evidence has to be for it to be believed. Public showings of such skills are not evidence, because you can't rule out trickery. Bending spoons with one's mind goes against everything human kind has ever learned through systematic research.

Uri Geller has been bending spoons for years. It is pretty strange, though, that someone who allegedly has such remarkable powers should keep doing something so utterly useless. Anyway, there's a few people who have looked closer at Uri Geller's claimed powers. The results of some of them are:

Cheers for now,
-ketil

Changing languages in The GIMP

I finally figured out how to change languages in The GIMP, and documented that here.

It was almost too easy once I knew how, but I couldn't find it anywhere, so I figured I'd write about it for the search engines.

Cheers,
Ketil

Cheap(est?) linux server

I've discovered unixshell.com. They provide really cheap linux server hosting. You get root access on a virtual dedicated server, and you can pretty much choose how much memory you want it to have. It might seems little, but most (good) server software doesn't use much memory. That's for the desktop GUI style software. For email and DNS server software I can strongly recommend qmail and djbdns.

I've also figured out how they keep the prices so low. It's unmanaged hosting, meaning that you do all the setup and configuration yourself, and they don't pay some techie to watch you in case you make mistakes. If you screw up you're pretty much on your own, but if you're a Linux savvy user, this might be exactly what you want. With the ssh-to-console feature, it is like having direct access to the server.

I've had a server running at unixshell for a while now, and so far I'm really pleased with the cost and value of their products. With all my usage, I've spent 0.057 of my 128GB per month transfer allowance. Let me know if you find anything cheaper, please.

Happy hacking.

-ketil

Norwegian specialty gourmet cheese

In Norway we have 2 very particular types of cheeses, pultost and gammalost. They are healthy, being low fat, high protein cheeses. Like I said, very particular.

The thing is, when I ask people of my generation, they've never tried it. Most people have had an encounter as a child, but never since. This is interesting, because a lot of people like French and Italian cheeses, so why not try the Norwegian ones? This got me wondering, so I've gone out and bought both types to try them. Now I think I'm starting to get it.

Firstly, I think it boils down to a really bad PR job. The name pultost can literally be read as fucked cheese, and the name gammalost means old cheese. Not very attractive names, to say the least.

Secondly, they taste downright bad! I'm very fond of blue cheese, myself, taking a particular liking to the English stilton, so I like my cheeses strong. But this stuff? Sheesh... Perhaps the names are right.

Thirdly, they look awful! Here's a picture of classical Norwegian fucked cheese:

Look nice? The brown bits are caraway, and besides that pultost is made of skimmed milk, water, salt and something I'll translate as lactic acid culture, which I guess is what makes the cheese solidify.

Bon apetit.

-ketil

Installing cygwin on a closed net

I've worked out how to install cygwin from a webserver in a closed net. It sounds easy, but the current setup.exe is hardcoded to download a file mirrors.lst from a site online before it lets you specify your own mirror, and this obviously fails in a closed net. (Instructions for downloading all the cygwin packages are available on the cygwin website.)

On your webserver, put the cygwin mirror in a directory called cygwin/, so that it is available like http://YourWebServer/cygwin/setup.ini. In this same directory, create a file called mirrors.lst with a line looking like this:

http://YourWebServer/cygwin;YourWebServer;Europe;Norway

Now here's the real trick. setup.exe automatically tries to download the file http://sources.redhat.com/cygwin/mirrors.lst when you install from the internet, but when this isn't available we can point sources.redhat.com to our webserver. The easiest way is to set up an entry in the hosts file on windows. This is done by adding a line like this to your c:\windows\system32\drivers\etc\hosts file:

sources.redhat.com		192.168.0.3

assuming that your webserver has the IP 192.168.0.3. Now setup.exe will contact your webserver on 192.168.0.3 when it tries to contact sources.redhat.com.

Happy cygwin-ing.

-ketil

Another beer brewing championship

On Saturday 25 March the annual Norwegian Homebrewing Championship was held at Chateau Neuf in Oslo. The brewer of the beer with the most points this year was Espen Lothe from Florø with his Tykjen barley wine. Here's the proud winner:

It was a pleasure for me to see the biggest and most diverse crowd I've seen at any of these arrangements in Norway before. The interest in homebrewing is growing, and the results can only widen our horizons.

-Ketil

Beer from the tap

I'm going to start 2006 (very late) with this happy bit of news. In Norway we get beer flowing from our taps. And people say beer is expensive in Norway? Sheesh...

-ketil

Oppf�lging, Du er hva du spiser

Som en oppf�lger til forrige artikkel kikket jeg litt mer p� websidene til Du er hva du spiser. Jeg kikket spesielt p� siden med sponsorer/leverand�rer, og de fleste kjente jeg igjen, men en skilte seg ut. Det var Jahpron medical. Jeg kikket p� vareutvalget, og selv om jeg ikke kunne finne et s�nt fotbad som jeg nevnte, var dette et "medisinsk" utvalg som jeg mener s� litt tvilsomt ut. Her er det blant annet akupunkturn�ler, magneter, �relys(!), og nyheter med overskifter som "Magneter som medisin". En rask videre unders�kelse viser at Jahpron medical er et enkeltpersonsforetak drevet fra Bod�. Jeg tipper Jahpron tjener bra...

Nevnte jeg at �relysene hos Jahpron koster 208 kroner (eks. mva!) for 10 stykker? Det er god pris for stearinlys, lurer p� hvilke av ingrediensene som er s� dyre. P� lysbutikken.no koster vanlige kronelys 4 kroner per stykk.

Dessuten ser det ut til at lyset skal st� i �ret. Is�fall er det jo interessant � ta i betraktning dette sitatet fra professor dr. med. Erik Teig ved Rikshospitalet:

For �vrig gjelder de gamle r�dene om at man aldri skal stikke noe inn i �ret for � rense det, verken bomullspinner eller annet. I tillegg til � stikke hull p� trommehinnen og irritere huden i �regangene, risikerer man � skyve en vokspropp lenger inn slik at den setter seg fast. Pleien av �rene b�r begrense seg til � rense opp ytterst i �regangen.

Kilde: http://www.helsenytt.no/artikler/horselskader.htm

Hva om man ved et uhell f�r stearin i �ret? Som en bekjent av meg formulerte det: i min verden skal voksen ut av �ra, ikke inn!

-Ketil

Aqua Detox p� TV3

I dag mistet jeg respekten for programmet "Du er hva du spiser" og Sissel Bondhus. I tillegg til � endre dietten og f� mer mosjon, blir dagens objekt, Merethe, sendt til kvakksalvere. Hun ble bedt om � ta et fotbad som skal trekke gift ut av kroppen! Sissel, selger du deg til sponsorer, eller skj�nner du ikke at dette er v�s? Godtroende folk som ser programmet kommer til � betale pengene sine til de som driver med dette for � ta slike fotbad, og jeg mener at de blir lurt!

Dette h�res kanskje veldig bastant og p�st�elig ut, hva vet vel jeg? Jo, det skal jeg fortelle. Rettere sagt, la meg henvise direkte til kildene:

Kort oppsummert, det brune som blir igjen i badet er fra elektrodene. Om du kj�rer et slikt oppsett uten � sette i bena, blir det sannsynligvis like brunt.

Jeg synes Merethe, dagens gjest p� programmet, fortjener ros og respekt for hennes skeptisisme. Det hun sa var "Jeg f�ler meg hvertfall rein p� beina" (eller noe s�nt).

Sissel, skjerp deg! Det er viktig at folk spiser riktig og behandler kroppen sin riktig, men innslag som dagens "aqua detox"-fotbad hjelper ingen andre enn de som selger dem eller tar penger for � bruke dem p� deg! Det hjelper ingen � tro at det finnes snarveier for � holde seg frisk.

-Ketil

bluexmms and Sony Ericsson Z800i

I came across a nifty(?) utility online called bluexmms. I figured I would try it out with my newly acquired Billionton bluetooth USB adapter on my Debian 3.1 GNU/Linux computer and my Sony Ericsson Z800i phone. To get it to work I did something like this. Remember to switch on bluetooth on your phone and make it visible.

First, as root:

apt-get install aumix bluez-utils bluez-pin xmms 
apt-get install libmikmod2 libxmms-ruby ruby1.8-dev ruby
hcitool scan
rfcomm connect 00:11:22:33:44:55

Then, as any user:

wget http://linuxbrit.co.uk/downloads/bluexmms-1.1.tar.gz
tar xvfz bluexmms-1.1.tar.gz
cd bluexmms-1.1
make
./bluexmms

It actually worked. Nothing amazing, but fun nonetheless. I did some weird stuff like switch off my phone while it was connected, and kill the bluexmms program, and my laptop actually crashed so I couldn't do anything but force a reboot. I didn't debug any more, but i'm guessing that bluez caused this, not bluexmms itself. Not too impressive, but who cares about stability/security as long as it works, right? That's life in the mobile world.

-ketil

Intelligent design

I've just about had it with this intelligent design debate. I find it is a dirty debate, filled with trickery and sneaky rhetoric. At the same time, it appears that most taking part in the debate (on both sides) are missing one of the most important points. Followers of ID can't handle it when they can't understand and explain everything, and need to attribute complexity to an intelligent designer. But there is nothing wrong with saying that something is not understood; it merely shows that you know what the way forward is to learn more.

Now, if we can just accept that the universe is incredibly complex, we can move forward. Evolution is a testable theory, and it can be used to predict events before they happen. ID is nothing of the sort, and appears to be the exact opposite; a convenient subset of observations seem to have been selected as "evidence" for ID.

How about focusing more on finding out the details we don't understand fully so we can concentrate on getting better, instead of just caving in and saying "it's just so"?.

Still hoping,
-ketil

Homeopathy and blind faith

I had a virtual encounter with Mr. Andreas Bjørndal here. The occasion was that a popular science show on norwegian TV raised the subject of homeopathy, and Mr. Bjørndal was there representing norwegian homeopaths. After the show, he answered questions.

The conclusion? He's deluded. Let me explain why I say this. Here's a translation of my question:

BLIND FAITH
I "know" that homeopathy doesn't work, but Bj�rndal "knows" that it works. Who
is right? Bj�rndal's point of view is a result of him seeing people recover
after using homeopathic preparates. I believe this happens because most people
recover in any case. Additionaly, research has repeatedly made it clear that
no effect can be attributed to homeopathy, and nobody can explain homeopathy.
However, all this taken into account, I would change my view if I were to see 
sufficient evidence in favour of homeopathy. What, specifically, would make
Bj�rndal change his opinion?

Mr. Bjørndal's response was enlightening. Observe:

When you have worked for 25 years and seen patients with serious ailments
who have tried everything for 10-15 years without getting better. When you try 
3-5 different homeopathic remedies without effect and then find the substance 
that every time the patient gets ill even if it is the cold, a headache or 
intestinal infection, then it is difficult to find other explanations. I can
tell you that when I started studying natural medicines I was very sceptical 
to homeopathy, only when I saw the effect it had on family and other patients 
we saw in the education did I change my view. Give me good documentation that 
it does not work and I will be the first to stand by it, but then I would 
prefer a better explanation to what I have seen during 25 years of practice. 
It can't be placebo when both my patient and I think ok, let's try one more 
remedy.

I have tried not to change the meaning in translation, but some of the sentences are incomplete because they were so in the original.

First of all, Mr. Bjørndal shows that he has no concept of what "knowledge" is. He says he has seen it working many times (just like I said in my initial question, I might add), so it must be true. This is completely misguided. There could be any of a number of explanations to each one of those single cases. Perhaps his patients felt sorry for him after trying so hard all those times, and lied. Perhaps they used normal medicine together with it, and wouldn't tell him in case he got upset. I'm sure most readers could conjure lots of other explanations. Another primary concern I have is the possibility to go back and verify all these cases. Does Mr. Bjørndal keep track of all his failed cases? I doubt it.

Secondly, Mr. Bjørndal demonstrates a lack of understanding of the methods of science. He invites the reader (or me?) to give good evidence that homeopathy does not work. How can I prove that something does not work? I can try to demonstrate whether something works, and when that fails enough times I will discard that idea as wrong. Demonstrating something the other way round is, as far as I know, something for mathematicians.

The final point I will make is that Mr. Bjørndal makes suggestions in another of his responses that homeopathic remedies are better than antibiotics, and that antibiotics only breed stronger bugs. As if homeopathy wouldn't do the same if it had an effect. I'm almost tempted to say this alone is evidence that it doesn't work...

Hopefully,
Ketil Froyn
ketil@froyn.name

Installing Debian packages from CD images without burning the CDs

The Debian distribution is growing, and now consists of something like 7 CDs or 2 DVDs. But no simple way is provided to install packages directly from the ISO images without burning them to a CD or DVD first. I decided I'd like to do exactly that, so I'll share how I did it here. Perhaps the Debian developers will add functionality to apt to do this automagically at some point.

Put the ISO images somewhere sensible.

mkdir /iso
mv debian-31r0a-i386-binary-*.iso /iso

For each ISO image you need a directory to mount it on.

mkdir -p /mnt/deb/iso1
mkdir -p /mnt/deb/iso2
mkdir -p /mnt/deb/iso3

and so on...

For each ISO image add a line to /etc/fstab to mount it on system startup.

/iso/debian-31r0a-i386-binary-1.iso	/mnt/deb/iso1	iso9660	loop	0	0
/iso/debian-31r0a-i386-binary-2.iso	/mnt/deb/iso2	iso9660	loop	0	0
/iso/debian-31r0a-i386-binary-3.iso	/mnt/deb/iso3	iso9660	loop	0	0

and so on...

For each ISO image add a line to /etc/apt/sources.list to use it.

deb file:///mnt/deb/iso1 sarge main contrib
deb file:///mnt/deb/iso2 sarge main contrib
deb file:///mnt/deb/iso3 sarge main contrib

and so on...

Tell Debian to use use the images.
```
mount -a
apt-get update
```

From now on apt should use the ISO images directly when you install packages.

-Ketil

ASUS A8V Wireless Edition on Linux

I have made instructions available on how to use the wireless interface on the ASUS A8V Wireless Edition motherboard under Linux. These instructions should work for anyone using a device with the Ralink RT2500 chipset. Judging from the number of hits I get on similar instructions I have made before, I assume this will be useful to someone.

-Ketil

Leave environmentally friendly, please

Apparently, when you are buried after you die (hopefully), the usual process of being buried in a coffin etc. is remarkably unfriendly to the environment. Enter the Natural Death Centre. They aim to "support those dying at home and their carers, and to help people arrange inexpensive, family-organised, and environmentally-friendly funerals", and also have the general aim of "helping to improve the quality of dying".

As for me, I hope they just stick me in the soil when I'm done. I'm not fussy about the color of the coffin. If whoever is burying me feels inclined to spend more money, I'd rather they give it to a worthy charity.

Mortally,
Ketil

Still hoping for common sense

I had a look at the website for Klinikken for Alle today, (direct translation: clinic for all). Their concept is to make common health services easily available, which I applaud.

In the news section of their website, however, I find that one of their latest articles promotes acupuncture as a remedy for nausea during pregnancy. In this case, acupuncture is being peddled by a midwife working for them (I'll withhold her name, if you're that interested you can probably find it on the website). She helpfully informs us that (my translation:) "In some pregnant women, the stomach energy is disturbed in the first trimester". Dripping sarcasm: I wonder what the latin term for stomach energy is.

But that's not all. A quick google for the midwife's name shows that she is an active participant of NAFO, the Norwegian Acupuncture Society. Interestingly, their first stated goal is to "preserve acupuncture and traditional chinese medicine as a separate medical system" (again, my translation). Acupuncture is not widely accepted among scientists as something that works, so how come they don't have "find evidence for acupuncture" as a main goal? NAFO does have a bullet regarding scientific research on their list, but I'm not convinced they will be able to keep that research objective.

If you're curious what exactly my beef with acupuncture is; practicioners of acupuncture charge patients money for their services, but are unable to sufficiently prove that their services actually perform. They also advertise their services as if it is known that they work. I think they are ripping off. Fortunately, most practitioners advise their patients to use acupuncture in addition to, not instead of, conventional medicine. Perhaps because it doesn't work?

-ketil

PS
Again I find it amusing that my readers are being served ads for psychic readings. There must be a lot of money to collect out there!

Interesting.

After uploading the previous article, google adsense put in an ad for a free psychic reading at sara-freder.com. I wonder which of the words were picked up on. That's actually quite interesting.

-ketil

We're not far enough from stake burnings.

In an article about a horrific incident today, the BBC tells of the convictions of 3 people found guilty of child abuse. They beat an 8 year old girl with belts and shoes, cut her with a knife, rubbed chilli peppers in her eyes, and made her believe she would be drowned. The reason they commited these horrendous acts is no less cause for alarm. They thought the girl was a witch, and thought they would beat it out of her.

It is important to be ever vigilant against nutters like this. Loony ideas of this caliber really have to be nipped in the bud. The solution is education, with a focus on rational thinking. I could rant on about the importance of an understanding scientific methods like the Hypothetico-Deductive method, because it is clear that far too many are ignorant. People fall for all sorts of trickery, some examples being homeopathy, healing, so-called traditional medicines, witchcraft, dowsing, and the list goes on. And as has been shown again by this incident, having crazy beliefs is not harmless.

For more angry rantings, I can recommend (again) James Randi. And when you're done with that, head over to The Skeptic's Dictionary and Quackwatch.

Happy enlightenment.
-ketil

Allow me to brag a little...

I think a bit of bragging is in order today. I've done a few hours of work today, helping out Norwegian Church Aid with some technical problems. The cool part is that they are in Luanda, Angola, while I am in Oslo, Norway, and I'm running a remote desktop to them despite the fact that they are behind some form of NAT, so they don't even have their own IP address. What can I say? It was raining outside today, so I had nothing better to do...;)

That's all, folks.

-ketil

Photo Manipulation with The Gimp

Not a lot of people have heard of The GIMP. It sounds quite dodgy, but it is in fact an excellent image manipulation program. It runs on UNIX, Windows and MacOS X. And the best part? It is free.

A lot of people are skeptical about free software. Could it be as good as commercial software, like Photoshop, Paint Shop Pro or any other of the number of commercial packages out there? It's a tough call, because they are quite different. The GIMP was not made to be like any of those packages, but to be a powerful tool in it's own right. The designers of the GIMP have made design decisions that differ from those made by the designers of Photoshop. For this reason, the user interfaces are a bit different, but moving from one to the other shouldn't take too long once you understand the concepts. However, one main issue is probably documentation and education. There are a number of books, magazines and courses on Photoshop, but nowhere near as many on the GIMP.

And that brings me to the point of this article. Here are a number of links documenting the GIMP. If you want to perform some task, chances are you will find a suitable tutorial, howto or example in one of these documents. The complete manual is also linked.

GIMPguru.org - GIMP resources for photographers. Lots of great tutorials here.
The Official Manual - This is an extensive manual of all the features of the GIMP.
Books about The GIMP - A list of books, maintained by the GIMP people.
GIMP Tutorials - Everything from photo manipulation, red eye reduction and sharpening to automating tasks using The GIMP's powerful scripting facilities.
Grokking The GIMP - This entire book on the GIMP is available online.
Learn the GIMP in 24 hours - Title says it all
The GIMP Plug-In Registry - Lots of powerful addons to the GIMP. I'm not sure how easy they are to use on Windows. Good reason to install Linux, isn't it?
UFRaw plugin - A plugin to load RAW images from Kodak, Nikon, etc. digital cameras. For Unix, Mac and Windows.
GIMP for photographers - A collection of links to useful GIMP resources.

Now get out there and take some pictures instead of sitting in front of your computer!

-ketil

Scary social networking

Consider GMail. GMail has been launched to the public, but you still can't go to their website to sign up. So how do they get users? They let users invite other users.

Most users of GMail will probably not consider one consequence of this; Google will see who you know. Do you think they don't store this information? I think they do.

This isn't a smear campaign against Google or GMail. For the rest of this discussion, the same points can be made for major messaging services (like MSN Messenger, Yahoo! Messenger and ICQ) and other services where there is some benefit to adding your friends.

Let's say GMail is burgled, and the database of "who knows who"is made available on the internet. This is not unheard of, something very similar happened to Cisco. After a while, the information will be well known to everyone, and everyone will be able to use it.

Now, let's assume you're running for Prime Minister. (PM is just an example, it can be pretty much anything. If you have no ambition, you can stop reading here.) Now anyone can dig through your social network and find out if you are probably in touch with one or more of the following:

persons who have been convicted of a crime
persons from an opposing party (or group)
persons with an otherwise bad reputation

Very helpful, but not to you. How well do you screen participants of your social network?

-Ketil

The WTO you didn't know

I'm sure you've heard of the World Trade Organization (http://www.wto.int/), but that is not the only WTO out there. Meet the World Toilet Organization (http://www.worldtoilet.org/). While you're there, don't forget to check out the " Sphincter", the latrine toilet seat used without water or cleaning, and some of their remarkable articles, like "Toilet as a Social Space" by Lim Tai Wei.

While you're at it, you can also read about Humanure at http://journeytoforever.org/. This is fascinating reading about aspects of life many people in the western world take for granted, and certainly breaks down a taboo or two.

-ketil

Knowledge

If you ever take part in a discussion that has to do with human discoveries, is good to start off by getting all parties to agree on some of the basic principles of knowledge. This is a vast subject, but I'm going to try to deal with one important aspect here.

First of all, let us agree that science is a tool. Science is conducted through systematic observation, and ultimately lets us predict what will happen as a result of something else happening. But even this is not necessarily straight forward. Anyone conducting an experiment might affect the result in some subtle, yet significant, way. Therefore, one very important aspect of science is the practice of replication and verification. People are imperfect and are rarely able to be completely objective, so something must be done to make up for people's imperfections.

For the sake of argument, let us consider an imaginary scientist, Dr. F. The good Dr. F believes he has found that shaving off all bodily hair reduces the chance of contracting cancer. He has worked for 3 years on his hypothesis, and has published an article in Nature describing exactly how he verified his hypothesis, and nobody can see anything wrong. So, has Dr. F made a discovery that will save lives?

Perhaps, but then again, perhaps not. First of all, Dr. F has a vested interest in the result. If the results are correct, Dr. F stands to earn a lot of fame, and perhaps even a substantial fortune. There are also psychological factors at play. Dr. F has spent several years of his life working on his hypothesis, and that's not something anyone can give up easily.

Before the results can be accepted, they must be replicated and verified by someone else. So now that Dr. F has published his article, one or more teams will start working to verify Dr. F's hypothesis, following the method he described. If they get the same results, things are beginning to look good for a lot of people, and Dr. F will probably be very happy and very proud. If they don't, Dr. F needs to go back to the drawing board.

When in this process can we actually agree to have gained knowledge about something? Most people will agree that we haven't really learned anything before Dr. F's work has been replicated by one or more other teams without vested interests. In the real world it is perhaps not that simple. What if Dr. F is really convincing? What if Dr. F starts selling a product, claiming it is based on a theory published in Nature? How many consumers are willing to display disagreement with Dr. F, who has outstanding credentials and has even had an article published in Nature?

Do you agree or disagree with the above? If you disagree, I'd very much like to hear your reasoning and arguments. Alternatively I'd be very interested if you direct me to information explaining another view. Please contact me on ketil@froyn.name. (Note: I have an autoresponder to avoid spam, just send a blank reply to the automatic response you get.)

-ketil

Java vulnerability

It has been reported that Sun's Java is vulnerable unless you are running the latest updates. This is serious, and could let people do bad things with your computer without you knowing it.

For information on how to check which version you are running and how to update, check out this page
http://isc.sans.org/diary.php?date=2004-11-23

Get can get updated software here
http://java.sun.com/j2se/1.4.2/download.html
There are a few packages you can get here, but you want to download the one called "J2SE v 1.4.2_06 JRE", close to the middle of the page.

-ketil

Goodbye, Movabletype

Ok, so now I've changed my blog from movabletype to blosxom. A couple of things made me decide to do this:

Movabletype is stupid
Movabletype lets readers comment, but it also lets spammers and advertisers of porn abuse my site, and requires a lot of maintenance because of this.
Blosxom is really simple

So now I've migrated all my blog entries from movabletype to blosxom by hand, and I expect I'll never look back.

Sorry to everyone who wrote comments.

-ketil

Be careful where you click...

The best advice if you are using Internet Explorer today is "don't click on any links". Here's a particularly nasty example of how someone can take over your computer if you click the wrong link:

http://isc.sans.org/diary.php?date=2004-11-09

Executive summary: There's a worm that sends an email purporting to be from for example PayPal, claiming that money has been deducted from your account, and asking you to click a link for info. If you are using Internet Explorer, and are not running an updated Windows XP, you will be infected just by accessing that link.

Solution: Mozilla FireFox 1.0, released today. I'll call this an "upgrade" from Internet Explorer. :)

Ketil

Update windows again, everyone

Microsoft released several updates for their Windows and Office products yesterday. Get the critical updates at http://windowsupdate.microsoft.com/

-Ketil

Ketil's home buyers' guide

I have been researching a lot of the currently popular tv shows on getting the most for your home when you sell it. Based on this I have developed a simple guide for home buyers. In fact, this guide is so simple it only has a single point:

1) NEVER EVER BUY A HOME THAT IS STYLISHLY FURNISHED, FRESHLY PAINTED AND OTHERWISE SPOTLESS.

Why do I say this? As they keep saying in these TV shows (and this I believe): "New tiles in the bathroom can cost 1800 pounds, but can add 20% value to your apartment". Do you want to pay 1800 pounds or the 20% extra for the apartment? The same goes for new layers of paint, some fancy temporary furniture, and a bit of decluttering.

It's all about seeing potential. Almost everything they do in these apartments is to make the place look bigger. If you're too daft to see the real size of the place, BRING A TAPE MEASURE!

-Ketil

PS, the people they pull in to look at the apartments before and after, what a bunch of suckers! In general, they like to go "pooh, yuck, this is disgusting, I could never live here" before the place is redone, and after they go "wow, what a transformation, I could really see myself living here." Perhaps these people want to give me a few thousand pounds as well?

Knee jerk reactions

Knee jerk reactions are common, and the name comes from the reflex reaction people have when they get knocked on the right spot on the knee.

I think knee jerk reactions are very interesting. A good example of a knee jerk reaction is that after scientists discovered that sun causes cancer, a lot of people have gotten too little sun. As it turns out, this is bad, because we get vitamin D from being in the sun, and a lack of vitamin D can increase risk of other forms of cancer. In this case, instead of realizing that "too much sun is bad", many came to the conclusion that "sun is bad", which is plainly wrong.

Another interesting example of a knee jerk reaction is the reaction to fat. Obesity is a problem on the rise, so this has been a focus for a while now. Scientists figured out that consumption of large amounts of saturated fats (like animal fats) caused heart problems, so now "fat is bad". Again, this statement is clearly wrong. Inuits can live on fatty-meat-only diets throughout the winter. In an experiment conducted in 1929, 2 men tried to eat only lean meat, and they got ill. When they supplemented it with fat (calves' brain fried in bacon fat), they managed fine, and continued with this diet for an entire year, both losing weight in the process.

In addition, it turns out that the ratio of saturated to unsaturated fat in a diet is more important than the amount of saturated fats in itself. Since a lot of people are trying to limit fat intake, what seems to happen is that they get saturated fats from meats, and have less unsaturated fats, and as a result they have a higher chance of getting heart problems.

There are many many other examples. For instance, studies show that the death sentence doesn't necessarily have the wanted impact on serious crime. Perhaps the death sentence ("kill him!") is a knee jerk reaction too.

In brief, I see knee jerk reactions as a bad thing, and it is the opposite of a reflected response. But sometimes knee jerk reactions seem to be elusive, since we all seem to go along with them for years on end. I like to think that, as a rule of thumb, a reaction shouldn't be extreme unless that is the clear answer or only solution. Situations are usually more complex than "black and white".

-Ketil

Cooking for norwegians

I like cooking, but sometimes it's difficult when I have a norwegian recipe and need to buy the ingredients in a shop in an english-speaking country, or vice versa. That is why I actually sat down and wrote this page (mostly in norwegian), which is a list of lots of food stuffs in english and norwegian. So if you have the name in one language, go to this page and search, and you will find the other. And if you're really interested, you can check out the Reference section at the bottom and do more research yourself.

Isn't the world wide web fabulous?

-ketil

Movabletype is stupid

OK, so I'm lazy, and didn't update my blog for a few days. What happens? I'll tell you what happens! Movabletype moves articles off the front page as they get older, so the front page of my blog was blank. Who on earth would ever want that??

I'm switching when I find something with similar functionality.

-ketil

Girl with x-ray vision?

I just read in The Guardian (page 3, September 25, 2004) about a girl, Natasha Demkina, who allegedly has "x-ray" vision, and can see inside people and diagnose lots of disorders.

Is that so? First of all, there must be some kind of particle or energy that reflects from or is emitted from body parts of the object that can pass through any obstructions, like skin and other organs, along to Natasha. This is not unheard of, ultrasound could be an example. But these particles or energy would have to be detected and interpreted by some previously unknown sensors in Natasha, rather than just passing through her as well. This I won't accept on good faith.

Want my real opinion? Bollocks. Natasha made a good living back in Russia from her abilities. She said she was saving up for her medical studies. OK, let's see some evidence that she saved up her money and didn't just spend it all on other stuff.

Being realistic, I see a motive to lie. If there is a motive to lie that might explain something that is otherwise previously unseen and unexplained, Occam's Razor says that lying is exactly what is going on. With an ability like this, an absolutely extraordinary explanation and/or demonstration in a double blind scientific test is absolutely necessary to show that it is not merely a hoax, and the test must be repeated succesfully a couple of times by different teams. It turns out that CSICOP did a test, but it wasn't too successful (the test wasn't invalidated despite text-messaging happening during the trial, which might obviously help her cheat, and was expressly forbidden anyway).

Still in doubt? I'm not. I'm just sorry so many people are wasting their time and money on this when it could all be spent so much better.

To get a different perspective on this case, picture this: give a 16 year old girl an ultrasound scanner and an x-ray machine, and let her loose on the general public. Do you think she would be able to diagnose a lot of disorders?

-ketil

Beating around the bush

I have a great idea. I think someone (funny) should do an act where they get asked questions, and evade giving straight answers in ways that make fun of the methods of evasion. With time, this (wonderfully funny) act would of course become very famous. Then we can all kick back and watch the real result of this next time there's an election, and someone tries to cleverly evade the question, only to be laughed out of candidacy by an audience seeing never ending allusions to comedy.

With any luck we would end up with a culture that would move our language in the direction of Tariana, an Amazonian language in which it is a grammatical error to report something without saying how you found it out. Imagine the useful and helpful political debates!

-ketil

Musings on a personal website

I have yet to find the perfect provider of personal internet presence. A lot of providers do a lot of good things, like cheap domains, or a good service or two, but I haven't seen or heard of any that really give individuals all the possibilities that I think they'd want in a website.

Here's a list of what I think would make a great personal website, and if someone would offer this together with a good address, like http://ketil.froyn.name/, at a decent price, they would probably get my money:

1) Simple way to make a website, with templates/styles
2) Simple way to make and maintain a BLOG, also with templates/styles
3) Templates for CV
4) Easy way to upload pictures display photo-albums, with optional access control
5) Contact maintenance, where the owner can add contacts, and the contacts can update their own information.
6) Email with webmail and pop/imap and smtp access

Sounds too good to be true, eh? I think all these exist, but not in a single package. I came up with this list in about 5 minutes, so there are probably other things one could add.

Any takers out there?

-ketil

Kjetil's pancakes

Here's Kjetil's pancake recipe. I haven't asked his permission to publish this, so I hope he doesn't get mad. :)

2 large eggs (or 3 small)
250 - 300 ml flour
600 ml milk
2 teaspoons sugar
1/2 teaspoon salt
a bit of melted butter (a couple of tablespoons or something like that)

Procedure:
1) Whisk together the eggs and about half the milk
2) Add flour, sugar and salt and mix well
3) Mix in the rest of the milk
4) Just before frying, stir in the melted butter
5) Fry the pancakes in a quite hot frying pan.

This recipe will make about 10 pancakes, which should be enough for 2. And it's quick to make, it took me 35 minutes from I got the recipe until I had eaten. And pancakes are great, you can have them for a quick and easy dinner, dessert, or breakfast on a rainy day.

-Ketil

Evolution or Intelligent Design?

The battle is raging in America on whether the schools should teach intelligent design (ID) in addition to Darwin's evolution. Proponents of ID say that there is a controversy, and for for students to receive a balanced education, schools should "teach the controversy", by having both sides of the case discussed in science classes. This all sounds very nice, but really it isn't. ID has nothing to do with science, it is religion, and if it is to be taught, it should be taught as religion. The scientific controversy over this issue is probably comparable to the case of whether the earth revolves around the sun or the other way round. The vast majority of scientists agree that evolution is how we are here.

But while scientists and religious figures have been wrangling over this issue in USA, I have found conclusive evidence that ID is fantasy and evolution is fact. This is actually remarkably simple, and I am surprised I have not seen it brought up before.

The evidence is, of course, farting. How could anyone acknowledge the fact that people break wind, and still claim that there is any kind of intelligence behind how we work? There is nothing intelligent about passing gas. There is no greater benefit of letting one rip. If there were any grand plan behind our design, with the immense and awesome complexity that makes us, we would of course eat and digest in ways that would not require gaseous discharges, especially not smelly ones.

I rest my case. Now carry on with whatever you were doing.

-Ketil

Windows update

If you are running Microsoft Windows 2000 (and possibly other versions), you have to update today if you haven't already. I got 4 updates yesterday. Go to http://windowsupdate.microsoft.com and follow the instructions. Or even better, from a security point of view, don't follow this link, but in Microsoft Internet Explorer, go to the "Tools" menu and select "Windows Update", then you know I haven't faked the link.

There's an office update too. To get office updates, go to Windows Update and click the link at the top of the page.

-Ketil

Windows Update - http://windowsupdate.microsoft.com

And off he goes...

I've jumped on the bandwagon and created my own blog. If I use this blog, I will probably write about deep philosophical questions that noone else will care about, why it's good to ask questions, why it's bad to believe in astrology and homeopathy and lots of other silliness, and computer security. Nice mix, huh?

If you have any comments, mail me on ketil@froyn.name, and just answer to my autoresponder. I use it to avoid spam, even though some people don't like it.

-ketil