Canon sent her what is a standard corporate response by most compnaies when they see the word “Linux” in a support email.

Dear XXXXX XXXXX:
Thank you for contacting Canon product support.  We value you as a Canon
customer and appreciate the opportunity to assist you.

While considering the desire to provide the best possible support for
Canon's products, Canon must make decisions. Currently, Canon is unable
to provide drivers for Linux.

With this in mind, we currently do not have drivers available for your
operating system.

We apologize for any inconvenience this may cause.

Please let us know if we can be of any further assistance with your LIDE
700F.

Thank you for choosing Canon.

Sincerely,

Olaf
Technical Support Representative

So Canon (CAJ on the NYSE, valued at $39.50 a share when this article was written), like so many other companies, is completely missing the boat either from being lazily ignorant or willfully avoiding Linux.  So, here’s a quick note to Canon and any other hardware manufacturer trying to claim making a Linux driver is too hard:

Don’t do it yourself.  Let someone else do it.  The fine folks at the Linux Driver Project will do it for you.  They have developers who are standing by, ready to do the work for you.  For free.  They’ll even sign an NDA with you.  Your only responsibilities are to provide the type of device, the device’s specs, the NDA if needed, and to provide the person who will develop your driver with a demo unit of your hardware.  That’s it.  Once complete your driver will be included in the Linux kernel source tree.

There is no requirement that you support your Linux users.  The Linux community is very industrious.  If you give us a push in the right direction we can ferret out the rest and get to the destination.

Canon: Help us help you.  There’s no reason your LiDE 700F scanner doesn’t work in Linux.  The cost to your company would be negligible at worst.  So, let’s get on it and help my friend out.  Unless you prefer all of us Linux users buy HP.

I want the ability to exclude a song based on a word in its lyrics, preferably by frequency and/or total count.  I would love to be able to say, for instance, “don’t play any song where the word California is used more than twice”.  When I brought this idea up with a coworker he mentioned it would be great to only hear songs with the word “shotgun” in them.  So we’ll need this feature to allow for inclusion/exclusion of key phrases entered by the user.

You guys over at Pandora get to work on this for me please.  In the mean time I’m going to check into body armor in case my coworker has a particularly bad day…

Except KDE 4.  It’s just not that exciting to me.  The new features aren’t that important to me and as a whole the desktop performs rather pitifully on Kubuntu 8.10.  I’m running an Intel Core 2 Duo with 2 Gigs of RAM and a nVidia 8600M GT with 256MB of RAM.  If that’s not enough of a system then perhaps we need to rename this release to “Kubuntu 8.10, Vista”.  On a side note, this computer runs Vista without a hitch.

The culprit could be just about any combination of lots of things.  KDE 4 may not be fully baked.  Kubuntu may not have implemented it well.  It may not deal well with Compiz.  However, it doesn’t really matter to me since there isn’t a compelling feature that would make me want to find out so that I can move.

Frankly 8.10 reminds me of 7.04.  Much ado about nothing except moving back to the previous release.  If they follow that same trend, however, 9.04 will be as fantastic as 7.10 was.

Thankfully for me (and the many others I suspect share my opinion) 8.04 was a long term support (LTS) release, so we have another year to hope the bugs get ironed out of KDE 4.

PS: Am I the only one who things the new desktop background looks like a bunch of hair under a microscope?

We’ll use this blog as an example.  It has a total of eight images that may be loaded, three of which are external to this server (related to the PayPal ‘Donate’ button [please use it] and the Add-To-Any button).  The eight images comprise about 6KB worth of the page size with 2KB coming from the external ‘Donate’ button.  Then there are the stylesheets, between two and four (one extra to fix IE problems, one more if your version of IE is less than 7).  Those are about 16KB, but are gzipped to only require 3KB of bandwidth.  Then there are my two JavaScript files totaling 65KB uncompressed, 21KB gzipped.  All of these items need only be downloaded once.

So, of the total page size of 156KB (56KB compressed) for this article, around half won’t change with any regularity and falls within my control.  By setting a far future expires header on those items your browser won’t feel the need to check and see if there is a new version the next time you visit this site, saving both of us TCP connections.  When you first visited this site it told your browser those files don’t expire for ten years.

Sounds great, but what if I want to change, say, my CSS file?  Well in that case I need to change the file name so that your browser doesn’t think it already has a copy and will go ahead and download the changes.  This is generally accomplished in one of two ways: Change the filename or add a query string to the original filename.  But which is better?

Adding a query string to the existing filename is easy.  Especially in the case of a CSS file that is included once in a header file, such as this blog.  If you view the source you’ll notice I use this method.

<link rel="stylesheet" type="text/css" href="http://eric.biven.us/wp-content/themes/eric2/style.css?v3" />

Notice that “?3″ at the end?  That fools your browser into asking for the file again and my server just ignores that part of the request.  Now when you get this new version your browser again gets a response from my server saying “this file doesn’t expire for ten years”.

With that said, I prefer to change the filename.  Using a query string has the drawback that some internet caching proxies don’t cache files with query strings by default and others are configured not to by their administrators.  Since my goal is to reduce bandwidth it only makes sense that I would want to offload as much as possible onto other people’s caches.

So why not do that with my CSS file here?  Well, in the case of the WordPress stylesheet I haven’t found a good way to use a file with a different name.  According to the WordPress Codex the stylesheet_url parameter for the bloginfo template tag is hard coded to output a link to a file named “style.css”.  That means that adding the query string parameter is far easier.  Sometimes the path of least resistance is good, especially when it lets me go to bed earlier.

“Software isn’t secure.”

The licensing model of a piece of software will have almost no effect on the quality of that software in the early stages.  The reality of the situation is that the quality of the developers will have the greatest effect on the quality of the software.  It’s no different that building a house or playing Beethoven’s 5th symphony.  The better the crew, the better the result.

So what about after the initial stages of development?  Assuming that the product never takes off then open source software will generally be better.  The open source application will (generally) at least be used by the people who originally developed it for themselves, and so will receive some attention.  Commercial products without followings won’t be likely to be supported due to low profitability.

Well, what if the software turns out to be wildly popular?  Then which model is going to be more secure?  The answer here is “neither”.  One of open source’s advantages is also a weaknesses: The ability for anyone to view the code and alert the community to problems also allows hackers to find the problems and exploit them.  Open source allows for what some call the “many eyes” principal, meaning that having so many people looking at it will ensure that someone will notice the problem.  This can also be untrue since frequently people will just assume someone else is looking.  Wildly successful open source projects may also draw in more developers, which can be positive or negative depending on the skill level of those developers.

The closed source camps have other problems.  First, they will have a finite number of developers who will ever see the source code.  If those developers aren’t good, the code will never be good.  If the developers are good they may be put under time constraints which require reduction in testing and quality by marketing and sales departments.  While the hackers can’t view the source code, they certainly can and do find exploits.  When exploits are found you absolutely have to wait for the software company to fix the problems itself.

So, which software licensing model is more secure?  The answer is that your licensing model has a negligable effect on the quality of your software.  The skill of the developers and the culture of the group involved in the project are what matters.

Why are you still using IE 6?

I get that about half of you seem to be running Windows 2000, so IE 7 isn’t an option.  However, that means the other half of you are running IE 6 on Windows XP.

So what gives?

As a web developer this concerns me because making sites work in IE 6 takes up an inordinate amount of my day.  It’s the oldest browser that still has any real user base.  Which seems strange, given that it has a number of unpatched security holes.  Add to that the fact that there are many free alternatives, including IE 7, and I just don’t understand.

This blog is highly technical.  Are there actually people who are interested in my content and run IE 6, or are these hits from some sort of bot?

If you are running IE 6 you should be aware that software companies are beginning to phase it out.  37signals has announced that they will be discontinuing support for IE 6 as of October 1st of this year, citing a lack of desire to “invest significant time or resources into making sure we are backward compatible with IE 6″.

So do yourself and us poor developers a favor and grab yourself a brand new, shiny, secure, and free browser upgrade soon.  You’ll thank me later, and I’ll thank you in advance.

Other options include:

Maximizing: All windows maximized when opened.
Cascade: What we just decided we didn’t like.
Random: I’m not quite sure who decided this was a good idea.
Centered: See Random above.
Zero Cornered: All windows open in the top left corner of the desktop.

Which leads me to another soapbox. It seems that as a group we developers still don’t get “it”, so I’m going to say it again, in bold.

Anonymous users cannot be trusted.

About a week ago I began receiving emails to one of my accounts from the DVD rental company redbox (http://redbox.com/). They have kiosks up all over the US and possibly more. As I understand it these kiosks work by allowing you to swipe a credit card, then taking some personal information including email address, then allowing you to rent a DVD movie. Every time you rent or return a movie they send you an email. I’ve now received several. This all seems fairly straightforward.

Except that I’m not a redbox customer, nor have I ever been. The last four digits of the credit card being used aren’t a card that I own, and I don’t see that there has been a card issued in my name that I don’t have in my possession. This pretty much rules out fraud. Odds are that the person who’s account this actually is just fat-fingered punching in the email address (this is an msn account that I’ve kept around for years to send spam to).

In an attempt to straighten this problem out I called redbox’s customer service number listed in the email body. Their response was to just mark their email as spam. A company actually asked me to flag their emails as junk. I was floored. I pointed out to the customer service agent that the “solution” might present two problems: first, the real customer still wasn’t getting their alerts and second, it would pretty much preclude me from ever becoming a redbox customer because I also wouldn’t get my notices. She insisted that was the best redbox could do and that there was simply no way to fix a customer record.

So I sent an email to the customer service email address at the bottom of the receipts I was receiving. I received an automated reply saying that if I wanted to unsubscribe that all I needed to do was click the link at the bottom of their emails. Great idea! Now if only there was an unsubscribe link at the bottom of the emails that redbox sends.

So here we stand, no resolution in sight. As a note to other developers, and redbox (should you ever read this), here is what you need to add to your application for your customers, both current and potential:

1. When a new customer signs up and gives you an email address, send out a verification email. Make sure that your system requires a response before the email is marked as valid. Don’t send other emails to that address until it has been confirmed.

2. If the user hasn’t confirmed by the time they use your application again then prompt them that their email address is still unconfirmed and ask them to either click the confirmation link or enter their correct email address.

3. Be sure that your system is capable of marking an existing email as invalid. When the user with the invalidated email address uses your system the next time you simply request an updated email address, then proceed with step #1 above.

See, that wasn’t so hard. Now if someone puts garbage into your system it should work itself out right from the start. If it doesn’t you at least have a way to take out the trash. Or you could just have one customer wondering where their receipts are and a potential customer blogging about how poor your customer service is.

One of the most exciting new features is the newly reworked ULE scheduler. The old SCHED_ULE modules were somewhat mediocre. A lot of transitions took place, but in the end the new scheduler is still O(1) with per-CPU queues. For some reason 7.0 shipped with 4BSD as the default scheduler, so you will need to do a kernel recompile to enable ULE. It sounds like 7.1 will ship with ULE as the default scheduler, however.

So, why use the ULE scheduler? Try near linear scaling to 8 CPUs, minimal degradation during peak workloads, and the Linux 2.6.22 kernel is 15% slower than FreeBSD 7′s. Yes, you read that right, FreeBSD 7′s kernel out-performs one of the latest Linux kernels by a whopping 15%.

Additionally you’ll find improvements and additions in networking and file systems, as well as updated user tools and the integration of finstall (the FreeBSD graphical installer).

Further reading:

Kris Kennaway’s presentation on FreeBSD 7 (pdf)

WordPress has no shortage of plugins. This one is one of the ones that is a real joy to work with, has a specific function, does it well, and just gets out of your way.

WP-PostViews does just what the name suggests: It tracks the number of views that your posts get. For this blog that allows me to keep articles that are seeing the most traffic on the front page without having to suspend my blogging, munge the start date, or otherwise change the format of my blog.

To get this superior plugin visit it here:

http://lesterchan.net/wordpress/readme/wp-postviews.html

Thanks to Jeffro2pt0 and the guys in FreeNode’s #wordpress for pointing this one out.

PS: If some of the view counts look “off” that’s because I didn’t dig through my entire Apache history looking for hits.  I put the correct number of hits in for the past three months for the top four articles.