Wired has two articles worth reading on e-voting machines and the security issues (specifically, the frightening lack of any) involved with them.

E-Vote Protest Gains Momentum

Swarthmore College students embroiled in a legal battle against voting machine-maker Diebold Election Systems have received a ground swell of support from universities and colleges nationwide.

The memos suggest the company knew about security problems with its voting machines long before it sold the machines to various states, including California, Georgia and, most recently, Maryland. The memos have popped up on numerous websites since August, despite attempts by Diebold to force ISPs and webmasters to remove them from the Internet.

E-Vote Software Leaked Online

Software used by an electronic voting system manufactured by Sequoia Voting Systems has been left unprotected on a publicly available server, raising concerns about the possibility of vote tampering in future elections.

The security breach means that anyone with a minimal amount of technical knowledge could see how the code works and potentially exploit it. According to a computer programmer who discovered the unprotected server, the files also contain Visual Basic script and code for voting system databases that could allow someone to learn how to rig voting results. The programmer spoke on condition of anonymity.

Electronic voting can be more secure and accurate than the systems that we’ve had such trouble with over the past few years, but only if the companies can be trusted, the systems are verified secure by a third-party review, and if there’s an additional printed “receipt” that can be tallied in case of recounts. The security breaches and known vulnerabilities of the current E-voting systems make it clear that in their present state, they cannot be trusted — and I, for one, would greatly prefer it if I could be sure that my vote in 2004 goes to the candidate I intend it to.

I have no idea whether or not this is a standard feature in other Unix systems, but it appears that there’s a very handy little “under-the-radar” feature in Mac OS X 10.3/Panther — automatic file defragmentation.

Everytime an application opens a file for reading, HFS+ checks if the file is fragmented and is less than 20MB in size. If so, it copies the file’s contents to a continuous region on the disk and frees up the previously allocated blocks.

What a wonderfully convenient feature. Even nicer, when someone asked if there were any official confirmation from Apple about the feature, someone else posted the source code from the Darwin (command-line only open source) version of the core system.

(via MacSlash)

Secret Spells Barbie

New from Mattel, just in time for Halloween — Secret Spells Barbie!

By day, Barbie, Christie and Kayla are fashionable school girls, by night they turn into magical enchantresses. Each doll comes with 2 outfits, spell book, case, edible potions and potion cups. Transform Barbie from an ordinary girl to one of the Charm Girls. Just put on Barbie’s enchanted Charm Girl jacket and she’s ready to mix up delicious potions that you can really drink. Barbie comes with costume, dragonfly, mixing pot, stand, spoon, stirrer, three bottles, book with a secret compartment, and two packets of magic powder (sugar-based mixes you mix with water). Barbie measures approximately 11.5 inches tall.

Just imagine all the fun you could have! Mixing up “love potions” with your friends. Finding spells to turn all the clothing of your best friends (or worst enemies) bright pink. Having tea parties with your Secret Spells Barbie, Hermione and Harry Potter (isn’t he the lucky little stiff?). Painting pink pentacles on your body as you dance around the bonfire in your backyard under the full moon.

Hrm. Did I just go too far?

(via Mark Morford, via Burningbird)

#1 and #2 on Blogdex!

Wow. The past day has been absolutely incredible — naïve as it may seem, I really didn’t expect all of this response to come from my little adventure.

While I had to give up on linking back to every site that linked to my post simply because there were too many of them to keep track of, some of the biggest so far have been MetaFilter, The Register, and Slashdot. Crazy. I’ve also had interviews today with both MSNBC (ironic, no?) and the Seattle P-I — I’ll post links to those articles when they become available.

Seattle PI Front Page, 10/30/03

Update: The article in the Seattle P-I is now online (and it’s on the front page of the print edition — yikes!).

Update 2: The MSNBC article is also online.

Following up on some of the many comments that have been left on my site and others where this has been mentioned:

Yes — I made a mistake

This has been pointed out many times, sometimes more politely than others. My posting of a photo taken at the Microsoft campus was (most likely) a breach of contract. The only reason I qualify that with “most likely” is that, due to my particular employment situation (a temp worker contracted to a vendor who had an account at Microsoft), I never went through any Microsoft-specific orientation or “rules and regulations” session, so I can’t say for certain that there is a “no cameras” clause as a condition of working at or for Microsoft.

No cameras?

Now, even without knowing about a “no cameras” clause, common sense does come into play here. Had I been foolish enough to take pictures inside any of Microsoft’s buildings, of the buildings themselves, of the offices of any of the employees, or anything similar, than I would fully expect to be terminated. As I mentioned in my Of blogging and unemployment post, I thought that the picture was taken in such a way that it would not cause any issues, revealing only an unmarked truck with some computers, and a small section of loading dock that could be nearly any loading dock on any building across America.

In fact, it may very well be that the picture itself is not what caused Microsoft to decide that I was no longer welcome on their campus. Again, as I mentioned in the ‘Of blogging and unemployment’ post, it appears that it was the combination of the picture with the information about what building I was at when I took the picture that prompted them to make the decision that they did.

NDAs (Non-Disclosure Agreements)

Many people have posited that my ultimate downfall was a breach of an NDA. This may or may not be the case. Again, because of the circumstances of my position at Microsoft, I never signed a Microsoft-specific NDA — however, this does not mean that I was not bound by an NDA. I would not be at all surprised if there were some form of NDA clause as part of the contract between Microsoft and their vendors. Now, I’m not sure if my post, the picture, or the combination of the two would constitute a breach of any NDA clause that I may have been bound to. I didn’t think so when I made the post, however given recent events, that may very well have been where I was wrong.

Who’s to blame?

In the end — me. I really don’t blame Microsoft for their actions. By my best guess, they saw me as breaking the rules — whether those rules were a “no cameras” clause, an NDA, or something entirely different — and decided that rather than give me a second chance and run the risk of me doing something similar in the future, it would be better to just cut me loose before I could do any more damage.

I can (and would) swear up and down that I would never divulge any internal Microsoft information. Heck, during my tenure at the printshop, I saw a lot of information that would have gotten me fired faster than this did if I’d been so foolish as to publish it. As “evil” as Microsoft may be popularly perceived, I don’t think it’s any secret that they have many incredibly intelligent people working for them, who come up with some truly astounding ideas. I’ve seen advertising campaigns in their preplanning stages weeks before they hit the press, I’ve seen internal documentation on programs that are still in development, and I’ve seen ideas and technologies that I would love to have available on my Mac at home. None of those have ever been mentioned here in my weblog, and even now, this is the most I intend to say about them.

However — while I may not have seen my post as violating Microsoft’s security standards, someone there did. Because of that, they may feel that it’s not worth the risk of continuing to allow me access to proprietary information that I could, in theory, leak to the world.

I may not like the way that they handled this. While I didn’t plan for my post to generate the amount of attention that it’s received, it has, and now Microsoft is facing a certain amount of bad press because of that. It may have been far better for them (on a PR level) to reprimand me and have me take the post down. However, I cannot fault them for making the decision that they did, however much I wish that that they had made a different decision.

I goofed. I regret it, but the damage is done. Mea culpa, mea culpa, mea maxima culpa. ;)

Future employment

I’ve seen a lot of comments suggesting that I apply to Apple — even some stating that Apple should just give me a job. As amusing as this idea is, I have to say that even I find it entirely unrealistic.

First off, as some have pointed out, my post could be seen as indicating that I have a propensity for disclosing internal company information. That’s not likely to put me very high on the list of prospective candidates for any business, let alone one run as tightly as Apple.

More importantly, though, is the simple fact that as my resumé shows, I’m woefully under-qualified for many computer-based positions. I don’t have a college degree. I don’t have any sort of computer certification. Aside from the past eight months, I haven’t even held a position that was primarily computer based. Instead, I’ve spent ten years working in the quick-print industry, running high-end digital copiers.

This isn’t to say that I’m a computer illiterate, of course. I’ve been a fairly typical “computer geek” for most of my life. I have experience with a wide range of systems, starting with CP/M on an Osborne 1, a few different flavors of *nix, DOS and Windows based PCs, and my primary focus, Apple Macintosh computers. I like learning about how all of the bits and pieces work, and how they work together. I’ve been fascinated with HTML for years — my first website went up in 1995, and I’ve been “blogging” in one form or another since 1998 or 1999, though I only have archives dating back to November of 2000 — and while I may not be much of a designer, if I may toot my own horn for just a moment, I think that my HTML code is damn good. I’ve spent a little time mucking around with Perl, Java, and Javascript, not enough to be a programmer (by any stretch of the imagination), but enough that I can take a look at the code and at least get a general feel for what it’s doing.

All of this, though, is self-taught. And self-taught doesn’t really get you jack, for the most part, especially when it doesn’t show on your resumé. My biggest regret with all of this is that, as my position for the past eight months has been working in a prepress environment, getting digital files print ready, I was finally getting some resumé experience that could show that I really did know something about computers. Now, however, I’ve lost that position, and I’ll just have to hope that if I’m lucky, those eight months might be enough for someone to give me a chance again at some point.

In the end, it all comes down to hitting the streets, throwing my resumé around town, and seeing what comes up — and hoping that when an interviewer googles my name, all this brouhaha doesn’t scare them off!

Rent (or “Wow — you all rock.”)

While I’m sure after reading the article at The Register that many people will find this hard to believe, I originally only mentioned financial matters because I had had enough people inquire that it was easier to do it in a single post than e-mail everyone. I’ve never expected donations in the past, and I wasn’t expecting donations this time.

Quite honestly, I’m floored.

An incredible number of people have tossed a few dollars my way, and I really don’t know how to thank you all. It’s enough to ensure that my rent for the month is taken care of without having to hit my emergency stash, and just a little over (which will go for good cheap eats — like Top Ramen, the bachelor’s/college student’s/first-time-apartment-dweller’s food of choice!). Many, many thanks, karma points, and mojo out to all of you. You rock.

Surviving Slashdotting (or, “Commercial time!”)

Lastly, but definitely not least, I’ve had quite a few people inquire about the weblog itself — specifically, who hosts it, and how it’s managed to stand up to the abuse of a Slashdotting as well as it has.

My site is hosted by TypePad, from the same good people that produce MovableType. I used MovableType for quite a few years on a personal server running out of my apartment (thank goodness I’m not using that setup now — my poor lil’ G3 webserver would be in puddles on the floor by now!), moved to TypePad when I got the invitation to be part of their public beta test — and have stuck with it since.

As I’m a confessed HTML geek, I find TypePad’s pro level perfect for me. They take care of all the niggling little details of server management, and I still have full control over all the HTML code produced by the system. I can be as picky (ahem…anal) as I want about the code that my site produces, and I do what I can to ensure that the pages are as clean as possible — minimal graphics, standards compliant code that’s easy to read if someone should dive into the source, CSS for presentation, and all the rest of the current buzzword goodies.

I can’t recommend TypePad enough — or MovableType, if you prefer to handle the server end of things yourself. I’m also very grateful to them for handling my Slashdotting (their first, apparently!) with such aplomb. As far as I know, there were very few glitches over the course of the day.

Conclusion

So what have I learned from all of this? Well, firstly, and most importantly — keep my big fat mouth shut! ;)

Some people have made comments along the lines of, “this is why I blog anonymously.” I have to say, that I don’t honestly think that that’s necessarily a perfect solution. Given the well-known power of Google, it’s very easy for me to believe that many anonymous blogs are — or at least could be — far less anonymous than their authors might believe. A comment here, a phrase there, a certain choice of words, and suddenly, someone’s put the pieces together (“They said that their birthday was on or around this date, they got together with this group of friends here, they took a trip to Disneyland here…”) and they are suddenly “outed”.

I made the conscious choice a few months back not to blog anonymously. Prompted by a post by Anil Dash, I decided that given the All-Seeing Eye of Google, I would rather do what I could to “own” my own name. I stopped using my prior online pseudonym of ‘djwudi’, began using my given name of Michael Hanscom whenever leaving comments on sites, and registered the www.michaelhanscom.com domain name. To me, the ability to have some amount of control in ensuring that information that is connected to my name is actually connected to me is worth the risk of situations like what I just went through.

Basically, it all boils down to making sure that you know just what your employer would or would not be comfortable with you mentioning on your weblog — and if there’s any doubt, don’t mention it. I didn’t, and it got me canned. You shouldn’t let the same thing happen to you.

Thanks much for all the attention, comments, and food for thought over the past few days. It’s been a bit overwhelming, but one hell of a ride.

First things first — many, many thanks to the many people who have passed on words of encouragement to me in my time of trial. With a normal readership of about ten people that I know of, I wasn’t expecting to get much response beyond my family and a few friends. The ‘net being what it is, though, tales of my trials and tribulations seem to be spreading, and I’ve gotten many nice comments, e-mails, and phone calls, not to mention links on a growing number of sites.

Mentions that I’ve found as of 10/29/03 @ 0234:

I’ve spent part of the day updating my resumé (a task that I have to admit I always dread), and have polished it up to the best of my ability and posted it here. With any luck, between the temp agency, my own efforts, and what little notoriety I may gain in my fifteen minutes of fame, this stretch of unemployment won’t last too long. In any case, I’m certainly keeping my fingers crossed (though it does make it a bit harder to type, I can use all the luck I can get right now).

To address some of the concerns and questions I’ve received:

Legal recourses

A couple people have inquired about possible legal recourses. This is an avenue that I don’t particularly want to investigate, for a few reasons. First, I don’t think that the time and trouble is worth it, and second, I’d be willing to bet that somewhere in the labyrinthine red tape of contracts among my temp agency, the vendor, and Microsoft, this situation is probably covered in one form or another.

In the end, what it boils down to was a slight misjudgment on my part. While I (and many other people) may find Microsoft’s reaction to be extreme and unnecessary, chances are they had every legal right to make the decision that they did. I would certainly have preferred that they simply request that I take the offending post down (which I would have done in a heartbeat), but for whatever reasons, they chose not to take that route.

Future plans and possibilities

Thankfully, this appears to be solely an issue between Microsoft and myself. While I got the news from my supervisor, it was made clear to me that there was nothing he could do about the situation, and he was sorry to see me go. As I’d been a valuable member of the team in the print shop, able to cover nearly any position outside of administrative duties, losing me will be a bit of a blow to the shop (now, I’m not so amazingly egotistical to claim that the place is going to go down in flames just because lil’ ol’ me isn’t chipping in anymore, mind you — I just know that I was able to help out wherever I was needed, and I enjoyed doing it).

Seeing as how he was also caught off guard by this situation, he’s said that he’ll ask around and see if there might be any other open positions outside of Microsoft that I might be able to be shuffled into. This is no guarantee, of course, but it’s certainly nice to know that he thought highly enough of me to at least take a few minutes to ask around about possibilities.

I’ve also received a couple of requests for my resumé via e-mail, which have been sent out to everyone who asked for them.

In the end, though, I’m still crossing my fingers, waiting to see what may come down the pike.

Finances

A few people have inquired about how I’m doing financially. I have to admit — things are a little dicey here. Rent is due in a week, and while I’ll be able to dip into some emergency money to get me through this round, I will need to have stable income by the time November 5th rolls around or I’ll be in very dire straits. It’s quite typical, in a Murphy’s Law kind of way, that this would happen just a few weeks after I blew my savings on a new computer. Ah, well — there was certainly no way to plan for it.

Now, I’ve never been much of one for asking for money — I’m quite stubborn by nature (according to my parents, one of my first words as a child was “self!”), and generally, if I can’t handle something on my own, well, that’s just the way it goes. Besides, I can more easily see a website/weblog requesting donations when they focus on a specific topic, rather than being the essentially random collection of technical babble, political indignation, personal musings, and occasional bad humor that this site tends towards. ;)

That said, however…(oh, sure, first the disclaimers, then the heart rending plea for help, complete with a John Williams score — oh, can I get Steven Spielberg to direct the TV spot?)…I have had a PayPal donation button in my about page for months now, as well as the Amazon links at the bottom of each page. To date, these have netted me all of — hold on, let me check — approximately $12 from my Amazon Associates account, and absolutely nothing from the PayPal button.

Now, that’s about exactly what I’d expect to see, and I certainly don’t expect it to change. Heck, with the economy the way it is, there’s not a lot of people out there who have the spare change to help support some anonymous bloke whose sob story they just stumbled into while wandering around the ‘net. But — and there’s always a but, isn’t there? — should anyone feel moved to make small donation, whether through the PayPal link or by using the Amazon banner on my site to go shopping, I certainly wouldn’t complain in the least.

And I believe that brings us up to date. Once again, thanks to all of you for the kind words. Often, those are worth far more to me than anything else.

UPDATE: Please take the time to read my followup post, Fifteen Minutes of Fame, for my thoughts on what happened after I posted the picture, why it happened — and most importantly, why I don’t blame Microsoft for their actions. Thanks!


The day started like any other day — get up, dink around for a bit, bus into work, and start working through the stack of jobs. Just shy of an hour after I got in, my manager came in and asked me to step into his office when I had a chance. Sure, no biggie, and I headed over as soon as I finished the job I was setting up.

“Okay, here’s the first question. Is this page,” and here he turned his monitor towards me, letting me see my “Even Microsoft wants G5s” post from last Thursday, “hosted on any Microsoft computer? Or is it on your own?”

“It’s on mine. Well, it’s on a hosted site that I pay for, but no, it’s not on anything of Microsoft’s.”

“Good. That means that as it’s your site on your own server, you have the right to say anything you want. Unfortunately, Microsoft has the right to decide that because of what you said, you’re no longer welcome on the Microsoft campus.”

And that simply, as of about 2pm today, I once again joined the ranks of the unemployed.

It seems that my post is seen by Microsoft Security as being a security violation. The picture itself might have been permissible, but because I also mentioned that I worked at the MSCopy print shop, and which building it was in, it pushed me over the line. Merely removing the post was also not an option — I offered, and my manager said that he had asked the same thing — but the only option afforded me was to collect any personal belongings I had at my workstation and be escorted out the door. They were at least kind enough to let me be escorted out by one of my co-workers, rather than sending security over to usher me out, but the end result is the same.

More frustrating for me is that, having read stories here and there on the ‘net about people who had for one reason or another lost their jobs due to something on their weblogs, I thought that I had done what I could to avoid that possibility. To my mind, it’s an innocuous post. The presence of Macs on the Microsoft campus isn’t a secret (for everything from graphic design work to the Mac Business Unit), and when I took the picture, I made sure to stand with my back to the building so that nothing other than the computers and the truck would be shown — no building features, no security measures, and no Microsoft personnel. However, it obviously wasn’t enough.

So, I’m unemployed. I am somewhat lucky in that I’m not technically unemployed — I am still on the roster for my temp agency, who has been very good to me so far (and hopefully will continue to be), but as their ability to place me anywhere does depend on the current job market, it’s not a foolproof guarantee of employment coming in quickly. I’ve put a call into them and let them know of the situation and that I’m available and willing for whatever can be found, so with any luck, they’ll be able to find a placement for me. However, it appears that it’s also time for me to start hitting the streets and shopping my resume around again.

Wish me luck.

Looks like the White House doesn’t want its citizens finding information on their website too easily (after all, that might encourage us to think for ourselves). They’re using a webserver configuration file — the robots.txt file, which controls what parts of a website are read by the automated crawlers used by search engines such as Google to index the content of a website — to block access to any directory with the word “iraq” in its name. This effectively makes it all but impossible to search the White House website for any information on Iraq using Google, Altavista, or any other external search engine.

Aside from restricting us to use of the internal WhiteHouse.gov search engine, why would they do this? The DNC’s Kicking Ass blog has some ideas

It’s easy enough to understand the reasoning if you look at past White House actions. Earlier this year, the White House revised pages on its website claiming that “combat” was over in Iraq, changing them to say “major combat.”

One of the reasons some alert readers noticed the change — and were able to prove it — was that Google had archived the pages before the change occurred. Now that all of the White House pages about Iraq are no longer archived by Google, such historical revisionism will be harder to catch.

(via Scripting News)

[Sponsored Link:]{.underline}

Visit Mortgage UK for great Mortgage rates.

The lengths that people will go to in their homophobia in the name of religion is really scary. Bishop-elect Gene Robinson is currently under 24-hour FBI protection due to death threats.

The first openly gay man to become an Episcopal bishop is under round the clock FBI protection following threats on his life, according to media reports.

Gene Robinson is to be formally installed as Bishop of New Hampshire on Sunday.

“The only thing that will stop this happening is if I am not around any more,” Canon Gene Robinson, who is to become the Episcopalian Bishop of New Hampshire, told the British newspaper The Independent in an interview published today. “We have to take that seriously.”

(via Atrios)