The Daily Grind

Oh dear. Child support records bunged on disc and stuck in the internal post from HM. Revenue & Customs to the National Audit Office. They didn’t arrive, and now the bank details, National Insurance numbers, names, addresses, and dates of birth of basically everyone in the UK with a child under 16 … are out in the open. Somewhere.

This in the same week that a Colossus has been working again. Ironic that we seem to know less about cryptographic data security now than we did sixty years ago.

We’ve just had a Treasury Secretary on the radio defending the forthcoming ID card concept as being a wholly different animal, since it’d be a new system, and not an old one like the Child Support set-up. While there’s some merit in that argument, what seems fishy is that this feels like a systems design issue, not an IT issue at all.

Records are (apparently) sent to the NAO unencrypted? Does the NAO really need all those bits of information, or would a partial set reduce the data exposure? How could ‘junior officials’ be in a position to ‘ignore security procedures’? Is plain-text data export just something that’s viewed as routine?

Remarkable.

And no, I’m not a data security expert. On the other hand, I did once build an end-to-end encrypted data collection website, and I’m not a complete twit on this stuff. Witness my decision to build that system myself, because the web security ‘experts’ I consulted were uniformly clueless. Ah. Bingo.

Riffing off that previous post – if Mac software developers were bands, who would they be?

The Omni Group are clearly U2. Which I think makes Stone Design Status Quo.

Any others?

(My, I’m being geeky at the moment. Not, it seems, geeky enough to sort my RSS feed, however. Kevin tells me it’s showing raw Markdown. Oof, nasty. I’ll see what I can do…)

Everyone’s ex-favourite Mac developers The Omni Group (we all still like Omni, but we’re really digging Panic at the moment and we’d probably groove along to MacRabbit too if only they’d release the b-side to their stonking debut single CSSEdit) have released a public beta of their task management app, OmniFocus.

This is the app famously described by Chairman Gruber as ‘OmniVapor,’, and I’m entertained to see that these final-stage test builds are termed ‘Vaportrail’ releases. Nice.

I’ve spent basically two days now hacking on Movable Type templates and stylesheets. Not here, sadly – The Daily Grind still looks rubbish – but over at another site that might go public later in the week.

Contrary to expectations, perhaps, it’s been a pleasant enough experience. The new templating system in MT4 takes a little while to get one’s head around, but if anything it’s quicker to make sweeping changes now than it used to be. There’s a learning curve, sure, but it’s nowhere near as steep as I’d expected.

If anything, I’ve found it more difficult to get my head around the support networks than the templates. There seem to be about four different forums and a scatter of mailing lists, and I’m still confused about where to start asking questions like:

• The rich text editor. That plain doesn’t work in Safari 3, right?

• Actually, does it work at all? It produces bizarre div-laden output for me (in Firefox), which fails to publish (throwing an error that’s neither specified nor logged), then dumps me back at the entry with any graphics elements duplicated at the end of the post. Rinse, repeat. Thank heavens for Markdown.

• That might be a conflict with FastCGI. Testing needed at this end.

• The default stylesheets are OK, but there’s not enough layout variation to learn much from them. Things as simple as ‘changing the heading bar height’ require work to discover. I was actually gunning for a layout with a vertical strip menu and the heading alongside, but had to give up – couldn’t make it work. This sort of thing should be in the examples. Ditto changing sidebar width, which seems to have horrid side-effects.

• Some serious thought should be given to breaking up the default templates into ‘layout’, ‘typography’, etc. Or at least documenting within the code. It’s remarkably easy to end up with CSS tag soup, and refactoring makes my head explode.

• The default templates are basically widgetless, with widget code embedded directly. I’m sure there were discussions about making a clean break, but… I’d have voted in favour. Anything to keep the column modules shorter – they’re terrifying when you first open them.

• The default stylesheet comments listings: are they, you know, finished? The line spacing looks plain awful.

• You need Template Installer. You could really use Template Exporter, but can’t quite see yourself paying $97 for something that ruddy well should be in the app in the first place (sorry, Mark). You really really really need Template Shelf. You’ll wish the Movable Type TextMate bundle handled the new namespace tag format.

• CSSEdit is one of the most amazing applications I think I’ve ever used. Absolute genius. The only thing it lacks is showing you the computed style attributes for a selected element – but you can get that from the inspector in Safari and work back.

The first thing I did, by the way, was indent a bunch of the template code – Header, Footer, 3-Column Layout. Then I went through and commented each /div so I could tell just what it was closing. Finally, I added module start/end comments. The result is that I can look through generated output and work out which module threw that ^&£^£ tag in that’s screwing everything up.

Since I’m evidently incoherent with fatigue I might as well continue: How come there are basically no third-party MT4 styles? Isn’t that a bit odd? Or are there hundreds, all hiding from me somewhere?

Right, to bed with me. Good night, world.

Nice analysis (in cartoon panel form) of the various candidate logos for the 2008 Presidential election. (via Chairman Gruber).

I have to ask: at what point do Americans get tired of red, white, and blue? I count three deviations in that slideshow, only two of which are for the current election. And one of those leavening colours? Beige.

Sheesh. By the end of the election, America will be so saturated with red, white and blue that the population will be suffering retinal pigment loss, and they’ll only be able to see green things.

Wait – that’s good, right?

“Mabel, what are these things?”
“I think they might be trees, Norman.”

Flossie sent me an electronic love spoon from an exhibit in St. Fagans National History Museum; an email with a link to a web page bearing a graphic of said personalised spoon.

My Mac marked the notification email as spam, and I promptly deleted it.

And they say romance is dead.

[you can access the love spoon app online. I’m particularly fond of the meaning of a horse emblem. Just be sure to call your beloved and tell them to check their filters.]

NewTeeVee has an excellent post (and equally good comments) on the relative lack of public interest material in the online video world:

“Hopefully there’s [a way of supporting] the more provocative, less commercial creators of today before they become footnotes in nostalgic cultural histories tomorrow.”

Ouch. Worth a read.

(Somewhat embarrassing for me that my own comments were held in moderation for a day, while waiting for the SciCast server to do whatever it does that causes it to recover from one of its periodic outages. It was patchily down for more than 24 hours there. Oof.)

Wondering about the whole US screenwriters’ strike? Yeah, me either, really, so here’s John August’s lengthy but (natch) well-written account of the situation.

I’ve a lot of sympathy for them, to be honest. The concept is sound, even though I don’t get residuals for any of the stuff I’ve done (I’m not a drama writer, so what I’ve done has been on a buy-out basis; Producers don’t get residuals here either, mind. Directors sometimes do, but not Producers).

Forget DVD sales, too – the alarming issue is that writers aren’t getting paid for internet sales. At first glance this appears entirely indefensible, especially in the light of the $1bn Viacom suit against YouTube. If online copyright infringement is worth that much in damages, surely the material being online must be worth something in the first place. So… why don’t the writers get a cut of that, in the same way they do in other media? Run that by me again?

Or… just watch this ‘Not The Daily Show’ clip from some of the writers of… uh… The Daily Show.

Yes, again. Interesting read, though.

And as ever the comments are full of people saying – to paraphrase – ‘speed doesn’t kill, bad driving kills.’ No, you muppets, what kills is hitting people with a car.

The situation strikes me as the British equivalent of the American ‘guns don’t kill people, people kill people’ debate, which is a bizarre justification for a gun lobby. Sure, the NRA’s right in a linguistic sense, but mass ownership of firearms certainly makes it more likely that I’ll get shot in the head.

I used to buy car magazines; I was wildly excited about my Mini Cooper. Two things have more-or-less seen off my interest in cars: my desire not to be aligned with the nonsense spouted by the road lobby, and Mercedes, who naffed up the Smart Roadster so badly I doubt I’ll ever forgive them.

Damn, that could have been a great car.

Seeing if xmlrpc posting is still running in this brave new FastCGI world.

[update: oooh, blimey, that worked. For those following along at home, the relevant .htaccess incantation in my /mt directory is now:

#AddHandler cgi-script .cgi
AddHandler fastcgi-script .cgi
<FilesMatch "^mt-xmlrpc\.cgi$">
SetHandler cgi-script

All this on Dreamhost, by the way.]

[update 2: reverted to:

#AddHandler cgi-script .cgi
AddHandler fastcgi-script .cgi
<FilesMatch "^mt-(add-notify|atom|check|config|feed|testbg|upgrade|wizard|xmlrpc)\.cgi$">
SetHandler cgi-script

…as per these notes.

Looks like everything’s working again. Switching the comment state of each line reverts back to plain old cgi, so we’ll see how it goes.]

[update 3: be sure to:

touch mt.cgi

…whenever you diddle with plugins, to restart the app in FastCGI. I keep forgetting, and MT gets stuck at upgrade checks.]