How do you truly know when email has become a problem without a good solution? Simple. Take a vacation. This is a clue...

And that's after working through a large chunk of it already - the most obvious and highest priority stuff, anyhow.

Yes, I've tried many of the various methodologies available out there, but ultimately it's all about reviewing each one and acting on each in same shape or form. Vacations do this to email. Darn those vacations. The difference this time around is I decided that instead of ruining the vacation mood, I'd work my way through the ocean a little at a time. Highest priority stuff came first. No point in ruining the positive effects of the vacation by losing sleep over email, eh?

Anyone have brilliant ideas for how to deal with the ocean of email that results from being gone for a couple weeks? Dealing with it day-to-day is easy. It's the been-gone-for-a-long-time problem that seems to be more vexing. Mark-as-read just has too many risks.

There's been a recent uptick in Blackberry Blogging attention recently because Dave Winer has been talking to people about how he's blogging and reading news on his Blackberry 8700, which he apparently got a little while back. I got one of the first 8700s, have already worn out two of them (I am on 8700 number-three as of the other day - It turns out coffee is hard on electronics and the scroll wheel tends to wear loose), and I have been using various models of Blackberries since, well, since God made Blackberries, and I have been blogging with them since I can't remember when. Actually, looking back it looks like it was July of 2004 or so when I first tried it. So, what Dave is doing isn't really anything new, but he is bringing a lot of attention to it, which is cool. Certainly the direction of mobile computing is important, and how it fits into publishing and consuming critical content deserves attention.

It's funny, though. You'd think it was the new sliced bread or something. Heh.

And Kent Newsome has some good points in his thoughts on the matter:

"I think people are treating this Blackberry as a web surfing and blogging tool the way mountain climbers treat a mountain. They move right past the why and just start climbing. Because they can, because it's cool, or because they're bored. Or maybe so they can try to convince more people to use their mobile computing products…

"People will fall all over themselves trying to rationalize it away, but everyone who is actually trying to get content, as opposed to push content, knows that other than text based headlines and the occasional weather forecast, surfing the net on a Blackberry is sort of like running a race in wooden clogs. You can do it, but it's slow and painful."

I've been able to post with my Blackberry for a long time. I have also been able to read news via RSS with it for a long time. But even though it's right there 24x7 for me to use, I find that for the most part I don't. I suppose for the chronically addicted blogger or news reader, it would look like a "good" way to get a fix and feed the addiction. If your goal is to post something the second it happens, or to read whatever you're interested in as it is published, maybe this all makes some kind of sense. But for me, I just find that I can't be that connected all the time.

It will be interesting - as always - to watch.

I'm a professional geek, and manager of many like me (only they're a lot smarter and more talented than I). But I have not been a computer jock all my life. Before this particular career I was a cop (or "police officer" if I want to be politically correct in my terminology). Before that, I was a professional photographer - a job I had for around eight years. I went to college to study photojournalism, and did sports and news photography, was published way-back-when in magazines and newspapers all over the place, etc. etc. etc. I was pretty good at it. My employers liked all the awards I won for them. I didn't care so much about the awards. But I felt good when I made pictures that people liked and remembered. Even more so when they seemed to matter or make a difference.

But while photography was fulfilling, starving to death was not so appealing. Besides, I'd always wanted to be a cop, and so I went from being a figurative ambulance chaser (a news photog) to being something loosely akin to an ambulance driver (except that police cars are a lot faster and you get to chase people in them - ambulance rig drivers don't do that too much, and then there's the whole catching bad guys thing, and you actually get paid to do all that - crazy). It put a notable few more bucks a month in the bank and was a great job, but it was also a bucket of stress and (eventually) painful experiences (I did a lot of child abuse investigations, and in the end it was me or the job -- I chose me).

Then came computer work. Pays a lot better and without bullets flying at me or my car. Not such a bad deal.

But I miss the creativity and fun of photography probably even more than I miss catching bad guys. So, after spending some time breaking out the old camera and lenses and messing around with them on vacation a week or so ago, I have a renewed hankerin' for doing it some more. Not as a job - I have a good job and career. More like as a passion - something more than a hobby. Just to get back into it something like the way I used to be. Of course, in order to do it right I'll have to do some investing. There's a ton of mediocre cameras and lenses out there. I like my Nikon D70 for a basic digital SLR camera, but in my photo world there's a need for something more if it's really to be taken seriously. And I'm a very serious guy. Zoom lenses? Screw that noise.

I'm still a bit of a digital photography nay-sayer. If I was an old dude, I'd probably be going off on something like "Why, back in my day, we didn't have no fancy digital cameras... All we had was cellulose film. And there we were, a bunch of chemical-burned, dry-skinned film developers, cleaning skin flakes out of the darkroom. But we likedit that way!"

Or something like that.

Anyhow, it's all digital now. But I do miss the darkroom. I was good at that. Hmmm, might need to set one up despite the ease of the digital photography world. Not instead of digital, just in addition to. For nostalgic reasons, sure, but also because as good as digital photography has become, it's still not quite up to the quality and subtlety of using a good quality film.

So what's my point? Well, nothing really. Heh. Except that I think I may start looking for some good, quality used Nikon lenses and another digital body. Then make some more trips off to The Middle of Nowhere. Anyone have a good clean AF300 f/2.8 Nikkor you wanna sell? Heh.

Map showing BWCA, Northern Minnesota

Actually, the number of people are parties that can enter the wilderness area on any given day and from any given entry point is pretty heavily limited. The regulations are intended to protect the area and make sure it's maintained as a relatively pristine wilderness area, which is a good idea. Some of the regs seem a bit extreme, but whatever. On the Canadian side of the lakes, it's a lot more expensive and even more restrictive in terms of the regs.

Anyhow, my good friend Cory and I spent a lot of time all week in canoes and fishing. I was feeling (and smelling) pretty strong by the second half of the week. A large part of the time it was just the two of us in the canoe, and other times we were in the boat along with Cory's dad. It just depended on the day and who was in camp at the time. One evening Cory, his sister and I went out for the evening after eagles in a canoe. We earned our eagle chaser badges that night.

Cory paddling on Disappointment Lake

Evening light on the water

I caught this northern pike on our first day out

Sunset from camp

One of the highlights of our canoe trip to the Boundary Waters Canoe Area Wilderness in Minnesota was a family of bald eagles that frequented the area around our camp for a couple of days. Being a former sports photographer (a long story for another time), I still have a couple lenses that I use on a D70 digital body, and I was glad I brought them with me on the trip.

I have always been quite impressed with an amazed by bald eagles. Getting a chance to be so close in the wild (they came as close as about 40 feet to where I stood) was a lot of fun. I wonder if you can get paid to watch and photograph eagles for a living. I bet some people do.

For the photo geeks, these images are with a Nikkor 180/f2.8 lens on the Nikon D70 body. These particular images are not public domain. Click each one to view a slightly larger size. A number of people are emailing asking for copies, which is fine, just let me know.

I'm starting this post while on an airplane, once again. I'll finish it after I get back to Oregon. Heading home - as they say - from a place I've never been before. The last week was spent with one of my best friends in the wilderness and experiencing several of the most important things life has to offer: Nature, friends, and some stark realities of life.

As I travel home to my house and my job, I recognize I am leaving something incredibly important behind. My life has was fundamentally changed in the last week. I can feel it in my bones. It's subtle, but it's there. And I am not just saying those words, I mean it.

Here and in the next few posts are images I shot while on vacation with my friend Cory in the Boundary Waters Canoe Area Wilderness of northern Minnesota for seven days last week. It's one of the most amazing places I have been to. We went with Cory's dad, Andy, who has been a guide there for many, many years. It was the experience of a lifetime. We fished, we threw hatchets, we ate well, we jumped off big rocks into cold, deep water, and we talked about lots of things. We saw nature and wilderness in the Land of ten thousand lakes. I know this is supposed to be a technical weblog, but for a short time I plan to document some of the things I saw and experienced. Not everything will go here - some of it is better kept to myself, I think.

John Denver put it this way (and yes, I know I am showing my age here). For the first time I think maybe I really understand what he meant...

He was born in the summer of his 27th year
Comin' home to a place he'd never been before
He left yesterday behind him, you might say he was born again
You might say he found a key for every door

I'm not 27 years old anymore, that's for sure, but the idea is still the same. Sometimes we see and experience things that so effectively disrupt our ritual lives and the ruts we fall into that the best word to describe the experience is epiphany. We realize suddenly that everything in our little worlds is not quite what we thought, and that it's time to do some serious searching of the soul. In a nutshell, that's what the week was like for me.

Just downloaded Windows Live Writer, a blog publishing tool that was released in Beta by Microsoft while I was on vacation. Omar was using it (without being able to say exactly what he was using) and said to keep an eye out, someone was releasing a sweet blog authoring tool, and this is it. I am writing this post after a very fast and automagical installation of the Live Writer software.

Wow, that was cool, pasting that image in the window... Finally, a blog authoring package that lets me copy an image to the clipboard without saving it and then lets me CTRL-V to paste it into the editing window, without having to save the image on the clipboard as a file - and drop-shadows to boot!

And, if all works well, I will be able to post this to my dasBlog weblog without using FTP for the images, using the metaweblog API enhancements in dasBlog.

There's lots of great little features. Check it out and try it out.

It's pretty much a classic Murphyism that returning home from a terrific vacation took me through five airports instead of two, and that it would result in arriving a day later than I was supposed to. But despite all that, the vacation I just completed was the best week I have had in a long time, and it taught me a lot about many things.

Several things to post about out of the week and a half in Minnesota, coming shortly. Pictures and thoughts, for the most part.

Suffice it to say, I found I wanted to stay there - And for a few moments, I seriously thought I would do just that. Let the soul searching commence. More soon.

Technorati : Vacation, epiphany, fishing

You know you're HR staff is top-notch when they solve personnel behavior problems in creative ways that actually have impact. For example, what if this email appeared in your inbox?

"If you enjoyed the pizza you forgot you didn't bring in that was in a box in the first floor refrigerator and you want to thank the co-worker who actually did buy it, please contact me for the person's name."

Nice. Of course the offender didn't reveal themselves, but I think this helped solve the real problem, and people definitely took notice.

What creative HRisms have you seen over the years?

(P.S. - Stealing is wrong. Please don't steal. It's bad.)

Technorati : HR, humor, pizza

Fly in and out of enough airports and you'll end up dazed and confused. After flying something like a zillion miles so far this year and transiting who knows how many gates at how many airports, combined with the fact that Arizona has a history of operating on it's own unique clock like a separatist nation... Well anyhow I got to Phoenix (at least I know where I am) and realized I have no idea what time it it here. I am also too lazy to get up and find a clock (a device you'd think you'd find in abundance, but which is actually desperately missing from almost every airport).

So, Google to the rescue. Did you know Google will tell you what time it is anywhere you like? Just ask:

What time is it in Phoenix, AZ?

There ya go - It's not just about keyword search!

My name is Greg, and I am a workaholic. It's been two years since my last escape vacation.

By vacation, I mean taking a trip to get completely away and check completely out of my world. One that does not include work travel on one end or the other (that's more like work plus a side trip, doesn't really count for decompression time). So, now I'm in the Portland International airport, on my way to Minnesota (by way of Phoenix, because that costs a lot less than flying direct, and how exactly does that work by the way?) where my friend Cory will pick me up and we will go north to The Middle of Nowhere, which is where he lives, almost. The airport is running like a finely tuned watch, by the way. When you consider the happenings of yesterday and the resulting increased security measures, it's good to see things moving and that people are not getting stupid or scared or otherwise freaking out.

Anyhow - vacation. Yeah.

We're spending about a week in the Boundary Waters Canoe Area Wilderness doing some fishing (that with an"F" not a "Ph" - like I said, no work). I have never been there, but I am told it's amazing and have always wanted to go. The fishing should be fun:

"The Canadian Shield lakes of the border waters gives an angler a wide variety of fishing opportunities. Fishing experts attest to the fact that the smallmouth bass fishing can't be matched anywhere. The deep cold lakes are home to the lake trout. Every lake has northern pike waiting to give you a battle while walleyes are sitting on the reefs ready to fill your frying pan . Don't overlook the slab-sized panfish. Spring and fall fishing is usually the best, although because there is very little fishing pressure on most of the lakes, fish can be caught at any time."

Most of all I am looking forward to catching up with my friend and spending a week resting the brain. See ya when I get back. Meanwhile you can just be jealous or feel good for me, whichever your personality supports, heh:

Located in Northeastern Minnesota, the Boundary Waters Canoe Area Wilderness (BWCA) includes around a million acres of wilderness, with over 1,000 pristine lakes and streams, and over 1,500 miles of canoe routes.  It is considered by some as the most beautiful wilderness they have ever seen.  National Geographic named it one of 50 Destinations of a Lifetime.  In other words, a vacation you do not want to miss.

The BWCA is a true wilderness experience, without motors, no electricity, no telephone lines, and no roads to the inner lakes. Summer and Fall are wonderful times to visit the Boundary Waters and its surrounding award winning resort communities of Ely, Gunflint, Grand Marais, Isabella/Finland, and Crane Lake. 

Don't think terrorism isn't ever coming back to our shores. As many as 20 aircraft were to be targeted for bombing in a plot in the UK. Sky News is just now reporting that an "alleged plan involved people boarding flights and detonating explosives on planes over UK and US cities" and that "the threat was imminent." The security level in the UK has been raised to "critical" and flying onto and out of the UK is definitely impacted. "This will mean immediate and severe disruption at all UK airports," officials are saying on TV.

20 people have been arrested in London. British officials are stating that this would have been bigger than 9-11.

I for one am glad there are good people out there thwarting these kinds of plans. Thank God for them.

Technorati : UK, aircraft, critical, terrorism, threat

Proof that cyber-crime is real, Consumer Reports is out with their State of the Net survey. It's pretty much as bad as we all know. From MSNBC:

"...American consumers lost more than $8 billion over the last two years to viruses, spyware and various schemes.

" Additionally, it shows consumers face a 1-in-3 chance of becoming a cybervictim -about the same as last year."

Thing is, prevention is much less costly than reactively paying for damage already done. You want to prevent the guy from getting into your place? Or do you prefer to let him in but then keep him from walking out the door with your money? Or are you like most people, who are resigned to watching him walk out the door with the prize, throwing your hands up in the air, and blaming someone (anyone, really) else?

How do we convince people, and what will it take?

Commenting on his motorcycle helmet, a friend of mine incriminates himself. Name changed to protect the innocent. Only 80?? Heh.

Joe Smith says:
I got rid of that halo thing I had on my helmet and put on retro reflective vinyl stickers

Greg Hughes says:
why?

Joe Smith says:
It didn't stay on above 80

Greg Hughes says:
oh hehehe

Greg Hughes says:
maybe you should put it back on then?

Greg Hughes says:
hahah

Joe Smith says:
Ummm, hehe

Joe Smith says:

and 80 is where it started to come off

"This was a screw-up, and we're angry and upset about it. It was an innocent enough attempt to reach out to the academic community with new research tools, but it was obviously not appropriately vetted, and if it had been, it would have been stopped in an instant," AOL, a unit of Time Warner, said in a statement. "Although there was no personally identifiable data linked to these accounts, we're absolutely not defending this. It was a mistake, and we apologize. We've launched an internal investigation into what happened, and we are taking steps to ensure that this type of thing never happens again."

AOL, over on their research wiki site, on Sunday posted an article describing their release of search data collected for more than a half million AOL users over a three month period. They claimed the data was made "anonymous," and that it was being released for research reasons. Problem is, it's not anonymous enough. Each unique user was replaced with a unique random identifier. That means you can see everything that user 336072 searched for. What if someone examined everything you searched for over three months? Even without knowing your name explicitly, do you think they might be able to find out some interesting things? Have you ever done a "vanity" search?

It's just not anonymous enough. I have a copy of the data that I downloaded before it was taken offline, and I've poked around in it a bit, so I know. Not only that, but spammers and search engine "optimizers" out there are going to have a field-freakin-day with this data. No, I won't share it with anyone else. It never should have been released in the first place, so I am not going to add fuel to the fire.

Michael Arrington at TechCrunch wrote about it in his blog entry entitled "AOL Proudly Releases Massive Amounts of Private Data," and updated his post a couple times as AOL mysteriously removed the data file from the web, as well as the page announcing the availability.

Arrington: "AOL must have missed the uproar over the DOJ's demand for "anonymized" search data last year that caused all sorts of pain for Microsoft and Google. That's the only way to explain their release of data that includes 20 million web queries from 650,000 AOL users."

When you consider that AOL search is - get this one - actually Google's search with a different face on it, you can imagine what the emails and phone calls that went flying around between the two companies on Sunday afternoon might have sounded like. Ouch.

Yeah, and so much for the privacy of AOL's users. If you're an AOL user, is that what you signed up for, to be a guinea pig in AOL's poorly-planned foray into academia? I think not. This is identity theft just waiting to happen, that's what this is. Again from Arrington:

"The data includes personal names, addresses, social security numbers and everything else someone might type into a search box. The most serious problem is the fact that many people often search on their own name, or those of their friends and family, to see what information is available about them on the net. Combine these ego searches with porn queries and you have a serious embarrassment. Combine them with "buy ecstasy" and you have evidence of a crime. Combine it with an address, social security number, etc., and you have an identity theft waiting to happen. The possibilities are endless. "

Google says "do no evil" and keeps this kind of data under wraps when challenged in federal court. AOL? Not so much.

Any would-be AOL boycotters better be prepared, though. Last we checked, you can't even cancel your account at AOL without being put through the ringer. Several years ago when I canceled mine it was a several-months-long experience before I was able to decipher enough to get the billing truly stopped. Coming and going, that's how they get ya in Dulles... There's a reason PC Magazine ranked AOL "Number One" in a list of things you'd really rather not be on...

Technorati : AOL, privacy, private data, release

The U.S. Senate on Thursday ratified the first and only international treaty designed exclusively to combat computer crime. You can read the full text of the Council of Europe Convention on Cybercrime here.

What does this mean? Well, a lot of things. But all told, it means law enforcement officials from around the world will have a more agile, speedier, and more capable framework for cooperating in combating bad guys that are out to hurt others on the Internet. For those of us working to stop bad guys, it makes doing so more possible and can help remove some barriers that tend to get in the way. For those of us in the United States, the provisions are not really anything new. But for other countries that ratify, it means a much enhanced ability to work together.

The Senate did not consider an optional provision of the convention that deals with combating Internet hate speech, which would likely have run afoul of the First Amendment to the U.S. Constitution.

Summary of the Senate activity is in an article at news.com.

Technorati : cybercrime, fraud, treaty

A new spoof video on YouTube take a different direction (as in, levity used to make a point rather than get a laugh) on making fun of the Apple marketing TV campaign and, well... just watch it. Not sure how accurate it is (but I bet someone will research this and let me know).

"That's iLife!" OUCH...

Click to watch:

(via MacSpoofs)

Technorati : Mac, advertising, pc vs mac, spoof

There are a couple interesting security-related headlines on ZDNet this morning, coming out of the Black Hat event. The first discusses how Microsoft's handing out a beta version of Vista to Black Hat attendees and says their security testing of Vista is the largest commercial penetration vulnerability test in history. In the other article, SPI Dynamics points out that many potential threats and gaps exist today in the use and consumption of RSS and ATOM feeds, and that many feed readers don't do security checks to ensure a feed is not malicious before - for example - running script that is delivered in an entry. A large number of common feed aggregators/readers (including the one I use) are on the list. This is something for the authors of those programs to address, for sure.

Microsoft issues Vista challenge
News Focus: Software giant wins over the Black Hat crowd by stressing its commitment to Vista security--and asking for help.

Blog feeds may carry security risk
Popular RSS and Atom feeds could carry malicious JavaScript code that would compromise a PC, an expert warned.

Technorati : ATOM, RSS, black hat, security, vista

I just downloaded and installed Zoundry's Blog Writer over lunch, a free and ultra-feature-filled blog editor. This thing is slick! I am writing this post with the new editor.

I think I found my new blog editing app that I have been dreaming of for so long. At least it's going to get a real trial run. I have fought with Rocketpost so many times (it has never worked for me, and the authors don't seem to answer email anymore), and while I love BlogJet, the feature set in Zoundry is pretty incredible.

I'll write more about it tonight, after I get a chance to play around with it some more.

UPDATE: I am having a hard time getting the app to play nicely with my web hosts's FTP. Seems to upload image files, but the "test" mechanism says it does not work correctly, which is kind of strange. I have filed a post on the support forums, we'll see how that goes. I can upload images, as witnessed at right...

UPDATE AGAIN: One super cool feature I noticed was that Zoundry totally used the newly-implemented blog autodiscovery calabilities that have recently been baked into dasBlog by Omar. None of the old manually setting up and remembering the URL for the blogger API or any of that stuff. Nice!!

I have a tendency to bleed a little on this blog, meaning I grab the latest source code version and compile it myself to run it on the server almost all the time. The last official release of dasBlog (which is an open-source .NET blogging server application) was v1.8 and it was born nearly a year ago (wow, that long?). But for those who compile it themselves from source, it's been changing regularly over the past year and we've been enjoying the trickle-flow of feature enhancements.

And sometime soon now, says Scott, the official dasBlog v1.9 release will be out.

v1.9 will include some significant feature enhancements. Here is a mostly complete list (at least at this point -- the list is blatantly stolen from Scott's blog):

• Much better multi-user/blogger support including a Top Posters macro and total comments - from Christoph De Baene
• TagCloud - from Scott
• Huge (100x+) speedup in Macro execution - from Scott
• Support for If-Not-Modified to speed up execution, improve RSS bandwidth and CPU cycles - from Scott
• Direct Feedburner Support with 301 redirection for RSS and Atom feeds. Don't lose a single subscriber. We're the only blog with direct support for Feedburner and Feedflare I believe. - from Scott
• Delete comments directly from your mail reader - from Omar
• New themes out of the box, 18 at last count - from Many Folks
• New XML-RPC support for newMediaObject - from Omar and Giuseppe Dipietro
• New support for RSD so client software can autoconfigure itself - from Omar
• Pluggable Rich Text Editor, choose from FreeTextBox or FCKEditor or write your own adapter - from Josh Flanagan
• Support for CoComment - from Scott
• Organized source, build, and packing for clarity - from Josh Flanagan
• New Feed Icons - from Omar
• Automatic disabling of Comments after a certain number of days. Also manual "close comments" support - from Omar
• ContentLookAhead show future dated posts - from Josh Flanagan
• Other misc fixes and suggestions from Tomas Restrepo, Jason Follas, Rene Lebherz and Steven Rockarts. Added entry CPU usage optimizations from George V. Reilly.
• Better strings and support for Portuguese, Turkish and Vietnamese from Ph?m Ð?c H?i.

If you're a sourceforge nut, know how to use Subversion and want to compile it yourself, go for it. Or wait a bit longer for the release. I am running the latest code on this weblog, and it's pretty darned slick.

Yesterday I was in Seattle and had a couple extra hours between appointments, so I headed over to Kirkland to check out the Smart Cars being sold at the Green Car Company. I climbed in a few of the ones they have on the lots there, and then I took one for a test drive.

Obviously, there's something appealing about a small two-seater that the EPA states will get 42 MPG, but which real-world people say they actually get anywhere from 45 to 60 or so MPG. Seriously - 60 miles to the gallon. For someone like me, which commuted 80+ miles a day in a full sized pickup that gets about 15 or 16 miles to the gallon, that's a big difference.

The Green Car Company gets these cars from ZAP in California. ZAP imports them into the United States from Europe, where you see these little things quite literally everywhere. When I was in Germany earlier this year I saw bunches of them.

You might think safety would be an issue, but not really - check out a crash-test video here. ZAP does all the "Americanizing" retrofit process so it is legal to license in the states, and the emissions stuff has also been taken care of. All those changes add to the price, though - the Smart ForTwo sells for just under $27K - and the convertible is $2K more than that.

Anyhow, about the car. I was impressed. It's well put-together and if you ever get a chance to sit in one you will be shocked by how much room is inside. I mean, there's a lot of room - much more than I need to fully stretch out. Even a person much taller than me should be able to sit comfortably. The seats are good and the finish is what you'd expect to get from a real car. In other words, this is not the Yugo or Metro style little car. It's for real. A number of modifications to meet the U.S. auto standards have been made, and overall it appears to be a solid, well-made machine.

After staring at these things for awhile, then sitting in them and being more impressed than I had planned on, I asked if there was one that could be taken for a test drive. Truth be told, after sitting in one and hearing the gas mileage stories (and even after hearing the sticker price), I wanted to see what they're really all about. The car has - get this - a 0.7 liter engine (heheh) that's (not get this) superturbo-charged. It has an electronic shifting system, and you can run in in automatic mode or  shift by hand using the electronic lever that has become common in many cars these days. A step-up option on the car includes shift paddles behind the steering wheel, for those who don't want to move their hands the 24 inches from the wheel to the shifter.

This car is fun to drive, for sure. It will do 85 miles per hour, so highway driving is perfectly realistic. In fact one of the employees at Green Car Co. drives one four days a week on his long commute (his is much like mine - lots of miles each way), and he is getting around 65 miles per gallon on the highway. Wow. It also turns on something smaller than a dime, and can fit in the smallest parking spot you can imagine (in fact you can fit two of them, at least, in a standard parallel curb spot by parking them nose-to-the-curb).

So, the test drive. After being shown the controls (nothing unusual) and handed the keys, I took it out on the road to cruise some corners, neighborhoods and hills. Kirkland is good for that sort of terrain. I headed out the lot and stepped on the gas, and the car wrapped up and took right off - with a bit more power than I'd assumed it could muster. This was going to be fun, I thought.

The car handles well. The wheelbase is quite long and wide for  such a small car, and I felt completely comfortable driving it around corners and in all the street conditions.

There are two things that stand-out as somewhat unusual about this car when you drive it for the first time.

The first thing in the brake pedal, which feels quite strange when you apply it because the pedal is attached to a mechanism that lowers into the floor rather than being hung from above on a pivot. So when you step on it, its kind of sinks down as you push it with your foot. It's not bad, just unusual.

The second things that stood out is the automatic shifting, which lags between gears. I mean that as it shifts, a clutch mechanism (there must be a clutch in there somewhere) disengages and the transmission shifts, then the clutch re-engages. The result is a period of a second or less when the engine is not powering the drive train. It's weird feeling, but not that big of a deal. This car is designed differently than any other I've driven, so I can accept the fact that it's different. And in this case different is not bad - it's just not what you are used to. By the way, if you are doing electronic shifting using the floor shifter or the paddles, you don't experience the lag between gears. And if you're interested in maximizing both power and fuel economy, electronic shifting by hand is the way to go anyhow.

The air conditioning was better than I thought it would be on a tiny car. The stereo was adequate but not something that will blow you away or anything.

Overall, this was a fun and interesting car. The fuel economy is insane, it handles very well, and it sure got stares and waves even during my 15 minute test drive. If it was less money I'd buy one without hesitating, but the thousands of dollars that are added to the sales price of a European one (one assumes to cover the cost of the "Americanization" and then some more dollars added on for the "new and cool" factor) cause me to have to do some serious math. I could save lots of money every week in fuel costs, but to get to $27K, it would take a huge amount of savings to justify the purchase.

But chances are I will be sitting down and doing the math.

And this video shows just how, uhh, versatile the car can be...

This could be very bad... In a news.com article published Friday, a couple of security companies (it's the good guys this time, at least - but they are planning to present it at Black Hat this week...) discuss how they've discovered a way to use your web browser and its built-in JavaScript engine to access information and resources inside the network where the browser resides and send it off to someone else or to launch attacks that appear to come from inside the network. This may be the next big wave of attacks.

SPI Dynamics is one of the companies mentioned in the article. They're discussing the results of their research at the Black Hat event this week, but they have also posted the article and a sample ("proof of concept" as they say) web page that does some of what they've discovered for all to see, use... and copy for that matter.

SPI Dynamics, by the way, has a quality set of expert articles, white papers, webcasts, and more on their web site.

Not sure how I feel about publishing this kind of stuff, but in the real world the bad guys will figure it out quickly enough anyhow, and I imagine they already have. The key to keeping this from becoming a major security event will be making sure cross-site scripting attacks cannot happen on web servers and using protective systems that catch malicious script on client machines before it gets run. Ultimately, JavaScript really needs to be revisited, but to do that probably means changing the way web sites work and coming up with a whole new standard.

JavaScript opens doors to browser-based attacks By Joris Evers
http://news.com.com/2100-7349_3-6099891.html

Malicious JavaScript embedded in a Web site can let a miscreant map a home or corporate network and attack connected devices ...

... "We have discovered a technique to scan a network, fingerprint all the Web-enabled devices found and send attacks or commands to those devices," said Billy Hoffman, lead engineer at Web security specialist SPI Dynamics. "This technique can scan networks protected behind firewalls such as corporate networks" ...

... Both SPI Dynamics and WhiteHat Security came up with the JavaScript-based network scanner at about the same time, he said. The companies plan to talk about their findings at next week's Black Hat security event in Las Vegas.

Tell me what you think, share what you know... In large part, I help catch bad guys for a living. So I have my own perspective and base of experience, but please share yours.

You may already be familiar with the term "phishing" and possibly you have a good idea of what it means. If you're not familiar with the term, you should be. Essentially, bad guys set up fake "phishing" web sites, typically by copying an online banking or other e-commerce site. The bad guys then send out emails or use other means to try to get you to visit the fraudulent web site they've set up, in hopes you'll think it's legitimate and "update" your banking or other private information there. In reality you're not communicating with the actual bank or e-commerce company at all, and you're not really updating anything - Rather, you are providing confidential identity and financial information to cyber-criminals. The bad guys then use that information to steal money, defraud you and others, and to create a new identity or leverage yours for their own gain. They're good at what they do, and the fact of the matter is, it works well enough for those who are the best in their "industry" (and it is its own micro-industry, as we'll discuss) to be motivated to make a career of it.

The general technique of convincing you via trickery to give up your private and sensitive information is called "social engineering." Bad guys act in ways that cause you think you're communicating with a legitimate business, but in reality you're being defrauded of information and - in turn - your financial and identity assets. More recently even myspace.com and similar sites have been faked, so we know these criminals are creative and go after us where we live. Whether it's a phone call from someone who sounds like a legitimate business person or a web site that looks like it's the real thing, it's all social engineering - tricking you into believing you're communicating information to a legitimate person or business when you're not.

You've likely seen emails show up in your in-box that pretend to be from ABC Bank or XYZ Credit Union. Beware any email that request information from you. The emails typically say something has happened to your account or that they;re verifying information, and you need to update your information by clicking a link to go to the bank's web site. But those emails are fakes, and so are the sites that load when you click the link. They're sent (well, spammed really) to anywhere from a few thousand to millions of people at once. Even when only a very small percentage of victims actually take the bait (hence the term phishing, eh?) , the bad guys win and come out ahead - big time.

Unfortunately, people do take the bait. I see it every single day in my work. Just the other day I dealt with a situation in which someone who provided their information to a phishing site fraudster was ripped off for $19,000. We're talking about serious stuff here... Now, when you lose money it's sometimes recoverable (but not always - you can sometimes be held responsible for giving away security secrets, after all). But if someone steals your private identifying information - things like driver's license numbers, dates of birth, social security numbers and the like - it's bad news. You're in trouble. Recovering from a stolen identity can be nearly - and oftentimes completely - impossible. You can get a couple thousand dollars back if you get tricked into giving up a password, but you can't take back your social security number once someone knows it.

You get the picture.

So, phishing is when someone sends an email and tries to get you to provide your secret information on a web site that looks like a legitimate one, but which is really just a fake copy that some bad guy controls. A lot like walking into what you think is your favorite coffee chain and walking out with a Strychnine latte, really. And on top of that, you paid the bad guy who you thought was your friendly barista $5 for it - and left a tip.

We've covered some of the basics of phishing fraud - just the first thin layer of the problem, actually. Over the course of some future posts, we'll dig a bit deeper into the details of what makes up a phishing campaign and what can be done about it. We'll also discuss pharming, spear-phishing and other cute terms that start with "ph" but which are really just about the farthest thing from cute you can imagine.

There are solid reasons for this madness that plagues the financial service and e-commerce industries. But truly understanding the problem means more than just knowing what phishing emails look like and avoiding fake sites. The fact that the sites are even there in the first place, that the email actually reaches your in-box, that you can't tell a fake site from the real one - all of these things are problems in and of themselves. To truly prevent the problem - and let's face it, prevention is the golden key here - we need to know and understand much, much more.

For instance, do you know why certain banks, credit unions and online retailers are targeted over others? Here's a hint: It's not always about how many customers they have to target or how big a name the bank is, although that can be a factor. Many of the biggest targets are credit unions with just a few thousand customers. And do you know what the phishers actually do with the information they fraudulently trick you into providing?

Do you have any idea who the bad guys are?

That's a taste of what we'll be discussing here over the next few weeks. I'll publish some of my thoughts on these topics and more. Not the secret stuff that lets us catch them, but the information consumers and institutions can use to help combat the problem. It's an opportunity to learn and share information. If you have ideas, thoughts or comments about the phishing problem, or online fraud in general, please leave a comment on this entry, or write about it on your own blog, or alternatively you can email me (but please use the comments if it's safe and reasonable to do so in order to provide the benefit to others - I tend to get a lot of emails that would be much better from a community standpoint if they were posted instead as comments). I'll leverage my own thoughts as well as the thoughts of others like you to help build parts of the future discussion. With hat tips all along the way, of course.

Lots of people get credit card applications in the mail. Recently (possibly as a result of increasing interest rates and therefore the potential to make more and more money) it seems like the number and frequency of credit card applications arriving in my mailbox has gone though the roof. Last week alone I received over 20 of these pre-approved applications. It's just nuts.

Another crazy thing is, one credit card company will send several each week. They're spending lots of money mailing me fancy color-printed paper to try to get me to sign up for a credit card at an interest rate (and a variable one at that) which I'd never touch. The ones with the low fixed rates are more appealing, but I really don't want or need more credit cards.

There's a lot better deals out there. What's the best credit card deal these days? Is there such a thing?

Internet phone service is bad and getting worse, according to a new survey released last week. That's interesting, since I have been using Vonage at home for quite a while now and my experience has been that it's improved significantly over time. These days its much better than the local "classic" wired telephone service. But apparently my VOIP experience might not be the norm, at least if you believe the people doing the testing:

Nearly one in five Internet phone calls are “unacceptable” in quality - with annoying woes ranging from echoes to clicking sounds. The problem is lines clogged with video, audio and other data that interfere with service, said the study by Brix Networks, which makes products that test the quality of so-called Voice Over Internet Protocol...

...Brix arrived at its conclusion after almost one million Internet phone tests were conducted by users at the company’s web site, testyourvoip.com. The tests, started in late 2004, immediately revealed quality problems and Brix continued with the tests through early this year, before compiling and releasing its results...

All I can say is I really like Vonage. Between the call quality I get (very good) and the extra features, not to mention the lower price relative to POTS service, there's no way I'd go back.

(story via the Boston Herald)

Forget "Hello, World." More like "Look Out, World!" Greg's gonna learn how to program. Just enough to be dangerous, I am sure... I mentioned this more than a year ago, but have yet to take advantage of it. And at the time all the content was not yet available.

Microsoft has more than 10 hours of online video training geared toward beginners (that would be me) on how to program using Visual C# 2005 Express. Woah, cool.  Dubbed the Absolute Beginner's Video Series, it takes you from "Hello, world" to a RSS reader app. This is totally for me. Not only that, you can choose to stream the video or download it, and the project files are right there to download, as well. Nice - I can spend some airplane time learning how to program!

There's also a C# Windows Forms Controls video series and for those wanting VB.net instead of C#, the same series is also available for that language.

I'm glad to see this kind of content available - it's exactly what getting-old management types like me who wish they'd learned to program a modern language need.

The content of the C# and VB.net tutorials was provided by http://www.learnvisualstudio.net/, which has a whole slew of great looking content available for people wanting to learn programming, from absolute beginner to more advanced level programmers, as well as people in-between.

Jay Rosen at PRESSthink has an idea, and one that is certainly quite interesting. In his post "Introducing NewAssignment.Net," Rosen describes his idea, which would meld the best of what the Internet mob has to offer with the typically-careful approach of professional Journalism, into a new hybrid-type of news gathering and creation process.

What can "networked journalism" do in the real world? What does news without the media look like? Check out Rosen's thought provoking and interesting post for that and more:

Alright, what is it?

In simplest terms, a way to fund high-quality, original reporting, in any medium, through donations to a non-profit called NewAssignment.Net.

The site uses open source methods to develop good assignments and help bring them to completion; it employs professional journalists to carry the project home and set high standards so the work holds up. There are accountability and reputation systems built in that should make the system reliable. The betting is that (some) people will donate to works they can see are going to be great because the open source methods allow for that glimpse ahead.

In this sense it’s not like donating to your local NPR station, because your local NPR station says, “thank you very much, our professionals will take it from here.” And they do that very well. New Assignment says: here’s the story so far. We’ve collected a lot of good information. Add your knowledge and make it better. Add money and make it happen. Work with us if you know things we don’t.

But I should add: NewAssignment.Net doesn’t exist yet. I’m starting with the idea.

Honestly, I can't tell you how tired of the typical, average, mundane, same-old PowerPoint presentation I have become. 99 percent of the time, as soon as any given PowerPoint presentation starts, I can feel the bile and boredom start to slosh and boil in my gut - in part because I sit through so darn many presentations, but even more so because most presentations - well - they just suck.

There's nothing quite like a slide deck with all the bulleted words the presenter that will be coming right out of the speakers mouth, if your intent is to say to your audience, "Hey, you're an idiot, so let me read this to you." Who's the idiot, really? There's nothing more redundant than reading and listening to the same thing. Or even worse, a zillion words on the screen and the speaker is talking about something else entirely. You lost me at "Hello."

So more and more I feel like I'm wasting my time. "Read to me, speak at me, bore me with bullets ad nauseum." Please, don't.

Don't get me wrong - I know people don't do this on purpose, they're trying hard and - well - it's the way everyone else does it, right? I also know I'm being a bit harsh (in order to make a point, really). It's just that for most every presentation anymore it doesn't matter all that much what it's actually about, because it's so much like everyone else's. PowerPoint is PowerPoint is PowerPoint, and it's tiring.

If you sell a product, or an idea, or some thing, you don't want it to be just like everyone else's do you? Apply that rule to your presentation style - How do you differentiate yourself from the crowd?

We actually love the crowd, of course, because it's easy to stand out when everyone else is doing the same thing. But it's worth risking having to work harder at it if a few people will revisit their presentations and get out of the common PowerPoint traps.

Anyhow, I got to a point where I was also hating giving presentations with PowerPoint (which I do quite often), not because of the PowerPoint application itself, but because of the fact that all my presentations seemed to be basically the same, and all the templates out there seem to encourage it: Long bulleted lists, points to read aloud, graphs and charts and nasty nasty nasty clip-art. Seriously, using clip-art should be a felony. No, really. Seriously. Like as in prison.

So, a couple weeks ago I took a chance on a presentation I gave at a conference, and went all Lessig-ish with it. A couple words on each screen to punctuate the salient points, a plain white background with big, readable black letters centered on the screen, and the rest was all talk. No handouts (and believe me that was a real surprise for the attendees - but it's not like they walked out or rioted or anything). It took some concentrated effort to create the new presentation. Not rocket-science level effort, mind you - but extra work it was. Time well spent.

And - get this - it worked. The audience was engaged and the conversation (which is what it's all about - exchanging thoughts and ideas, as opposed to making a speech, right?) was interesting, for everyone including me. You could tell the format and style was something new for the audience, for sure, but the looks on people's faces were certainly fun to watch. And the thing is, they actually had looks on their faces. Gone was the blank gaze. Everyone in the room was looking at me as I spoke, and that means making a connection. They'd glance at the screen momentarily and then look back to me for the information, not the other way around. We actually looked in each others' eyes. Now, it's not that I have some kind of problem where I desperately need that kind of attention - it's just that it's clear as day that direct, personal communication is much noticeably more effective and meaningful.

The questions from the crowd at the session were good - They were thoughtful, and the audience was obviously tuned in. Not that my audiences aren't tuned in in general - quite the opposite. But in this presentation you could sense the difference - One could feel the connection and involvement noticeably more.

After the conference, we sent my spartan slides, along with the relatively detailed speaker notes printed on the page below each slide, in PDF form to anyone who attended and wanted it. Gotta provide those handouts at some point, you know... Unless it's caught on video or something.

One of the best and most effective presenters I know personally, Scott Hanselman (it's my week to link to Scott, heh), called it "Existential Presentation." I assume by that he means free, individual, unique, possibly even rebellious. I can see that. 

Personally, being the practical and somewhat-less-eloquent guy I am, I see it as a kind of resurrection of some form of miraculous goodness from the hell of a bloated and obese PowerPoint existence. Ah, existence. I get it, Scott!

Anyhow -- What do you think?

P.S.  Great resources for presenters and presentation authors (hey - you do write your own presentations, right???):

• Presentation Zen Blog (which has been subscribed in my aggregator for quite some time)
• Garr Reynolds presentation tips
• Scott Hanselman's Tips for a Successful Microsoft Presentation (great stuff)

From the comments, Jim Holmes points out a couple more great ones:

• Dick Hardt - http://www.identity20.com/media/OSCON2005 (which is a great presentation on top of his great style)
• Cliff Atkinson's "Beyond Bullet Points" is a good book, and his companion site - http://beyondbulletpoints.com - has had lots of good info in the past

and Shane Perran also has some excellent suggestions:

• Steve Jobs - Simply brilliant when it comes to presentation. That goes for most of the Apple design/marketing team
• www.guykawasaki.com - Guy Kawasaki - A one time Apple guy turned VC and absolute master of presentation
• sethgodin.typepad.com - Seth Godin - Author of the ever popular Purple Cow and another master presenter and storyteller
• www.alertbox.com - Jakob Neilson - While wildly hard-nosed about design, he knows content usability like no other - mostly web oriented, there is a lot of carry over

Those are all good ones, and most all those blogs I subscribe to (and the rest I just did, heh). Presentation is about content, style, design, personality, conversation... All important components.

Last week it was Toronto, and this week I am headed to Atlanta. I'll leave Portland in the early morning Wednesday and fly across the country and then back, once again. This time I decided to use a couple of those 500-mile class upgrade vouchers I've been earning and hoarding, since this is the last flight I have scheduled for at least the next few weeks (I have over 100,000 total miles accrued on my frequent flier account, including about 70,000 real, actual miles flown since February and 45 flight segments flown since the beginning of the year - sheez). I've been flying my body into a deep, dark pit of cramps and generalized pain. So, I figure I might as well try to make this trip a nice one, eh? Then when I get home and spend a couple or few weeks in my own bed maybe I'll eventually get back to "normal." Whatever that is, heh.

So... I'll be in the Columbus and Atlanta, Georgia areas Wednesday night plus all day Thursday and Friday. Then it's back home again. If I am lucky, my travel calendar will remain fairly close to what it looks like today and I won't have to fly again til sometime in August. Fingers crossed!

The travel can get in the way of fun. My friend Norm called me tonight to see if I could help shoot a big fireworks show (on a river barge) this Saturday but I had to say I'd better not unless he gets in a bad bind for crew members, since I don't get back home til late on Friday night. All this travel really takes a lot out of me, and I'd hate to only be partially effective while everyone else on the crew was out there working their butts off. At any rate, I do wish I could work this fireworks show - it will be a fun one, and with a good crew of people. Oh well - next time!

I think maybe United Airlines owes me something more than a few upgrade coupons and some miles that can only cash in on a limited set of flights/seats. What do you think airlines should do for their customers that travel a zillion miles a year on their flights?

At least they aren't charging to use pillows and blankets like Canada Air was on my last trip. Wow, talk about penny-pinching. It's not very attractive.