Hacks and Gadgets by HJL

I got a Blue Screen Of Death with the error SESSION3_INITIALIZATION_FAILED while trying to set up a clean install of WinXP this evening.

This install repeatedly failed after the Windows Setup finished loading after booting from CD-ROM, and just before it would have presented the text welcome screen.

The problem turned out to be small smudges on the CD surface. Apparently, SESSION3_INITIALIZATION_FAILED can be triggered by a failed read while booting the installation environment.

Other posts I found online reported this being caused by loose drive cables, conflicting IDE drive cables, bad CD-ROM drives, as well as damaged or smudged installation media.

I wasted half an hour reseating cables and memory chips and fishing around with Google for a solution.

Hopefully this will save someone some search time.

I was recently at Fry’s Electronics looking for replacement ink cartridges for an HP G95, and decided to try the refilled cartridges this time around.

I wouldn’t recommend refills for photo printing, but for everyday draft printing and copying, the generic ink cartridge refills seem to be a completely transparent substitution.

The price difference between the official HP cartridges and the refilled ones is substantial. The standard HP 51645A (45ml) black ink cartridge was around $29, while the refill (Innojet) was around $19. I noticed that the refilled cartridges are marked “Remanufactured in China”, so it’s apparently worth collecting the empty cartridges, sending them to China for refill, then shipping them back to the US. The print heads are the tricky part to manufacture, and don’t wear out nearly as quickly as the cartridge runs out, which makes it attractive to refill them.

Most of the printer’s output gets thrown out after a few days, so it’s loaded with the generic ($0.99 per ream) recycled paper, and I can’t tell any difference in output quality in everyday use. The color cartridge initially seemed to have a clogged nozzle, which I cleared using the normal printer maintenance utility. This might be a problem for some users, but I’ve had problems with clogged nozzles on HP original cartridges as well, which is how I became acquainted with the printer maintenance utility.

The refilled cartridges have original HP print heads, so assuming the nozzles are clean, the main difference is in the quality of the ink. HP’s inks are likely to be more fade resistant and have a greater color gamut than aftermarket ink. If nothing else, the HP print drivers are developed for use with HP ink components, and the refilled color cartridge is unlikely to be an exact match, so photos may look better with HP ink.

For casual users, though, the combination of cheap paper and cheap ink seems quite practical.

I don’t currently have this problem, but you may also be interested in resetting the HP cartridge DRM.

Update 10-21-2006 11:01 PDT - Today I got a refilled color (78A) cartridge, in which the cyan didn’t work at all. I exchanged it at Fry’s for another, which is working fine. In contrast, I’ve never had an HP ink cartridge fail out of the box. So there’s an additional tradeoff between cost and reliability. For casual use, the $10-per-cartridge discount is still worth it for us, but on the other hand, we’re only 5 minutes from Fry’s, and go through a lot of ink.

If I’m feeling adventurous / bored, I may try one of the ink refilling kits next time around.

I’ve been getting thousands of attempted comment and trackback spam across my site during the past few days. Fortunately, most of it is getting caught by the keyword filters.

This round of spam seems better implemented than previous ones. The incoming comments and trackbacks are distributed across the entire site, rather than on one or two posts, and are also coming in from a broad set of IP addresses and user agents, which makes it hard to use .htaccess rules for blocking it.

I’ve added a few more entries to the comment blacklist in Wordpress, which has reduced the number of spurious comments making it through auto-moderation.

I’ve noticed today that Google Adsense has been displaying a lot of Public Service Announcements (PSAs) both on my site and on various other blogs I looked at during the day today.

I don’t click through the feeds to the original site most of the time, so I don’t have a good sense of whether this was just random coincidence on a limited sample set. At one point, every site I looked at had at least one PSA running. The PSAs look a lot different from the normal text ads that occupy the page layout on various sites I’m familiar with.

Adsense seems to be returning to normal behavior this evening. On the other hand, I see there are zero clickthroughs for the day, so it’s probably been displaying PSAs most of the day on my site.

It turns out that getting my new Bluetooth headset working correctly with my IBM T42P notebook computer was more complicated than expected. The factory-shipped Bluetooth configuration is unusable with some devices, including my headset. Here’s the story, including how to fix it:

When I first set up the wireless headset last week, I paired it with my Nokia 6820 cell phone, which already has a working Bluetooth stack and handsfree device profile for using a headset. I was also able to successfully initialize device pairing with the notebook computer and the cell phone at the same time, which was one of the main selling features of the Plantronics 510. The headset showed up in the Bluetooth devices list, as expected, and I didn’t get around to trying to use it until today.

The headset has been working great for handsfree phone use, so today I was looking forward to trying it with some voice applications on the notebook computer.

It turns out that while the Bluetooth headset successfully paired with the T42’s built-in Bluetooth (IBM Integrated Bluetooth III), none of the headset device interfaces were recognized and initialized by the system (WinXP SP2 Pro). This means that in the Control Panel, the audio devices corresponding to the headset microphone and earpiece didn’t show up, so they were unselectable for use in applications.

From investigating this, it looks like:

1. IBM supplies a Bluetooth stack (Widcomm) specific to their hardware, and Microsoft also provides a Bluetooth stack with WinXP SP2.
2. If both are running, the results are unpredictable. In my case, the Nokia 6820 was able to connect without problems with both stacks in place, but the Plantronics 510 paired without loading the interfaces, making it useless.
3. Under most conditions, when WinXP detects new Bluetooth hardware, it will automatically load the Microsoftc Bluetooth stack.
4. If the Microsoft Bluetooth stack isn’t loaded, 3rd party Bluetooth stacks can still be installed and provide identical or enhanced functionality.

Here’s a solution that worked for me (although I still don’t entirely understand the problem interaction yet):

1. Remove all instances of Bluetooth stacks in the Device Manager.
2. Before rebooting the system, prevent the Microsoft Bluetooth stack from loading. Here are the instructions from Microsoft’s knowledge base KB889814:
   

   1. Click Start, click Run, type sysdm.cpl, and then click OK.
   2. Click the Hardware tab.
   3. Click Device Manager.
   4. Expand Bluetooth Radios.
   5. Right-click each device listed under Bluetooth Radios, click Uninstall, and then click OK.
   6. Close Device Manager, and then click OK.
   7. In Windows Explorer, open the C:\Windows\Inf folder.
   8. Rename the Bth.inf file to Bth.inf.old.
   9. Rename the Bth.pnf file to Bth.pnf.old.
   10. Restart Windows XP SP2.

3. Now reboot the system. Windows XP will detect the Bluetooth hardware and begin automatically installing the drivers. This time, the IBM Bluetooth software will be installed, but without loading the Microsoft Bluetooth software.
4. At this point, the Control Panel item for Bluetooth Configuration will actually work, and there will be many tabs that weren’t there before. The Bluetooth Devices applet appears to do nothing, I think it may be left over from the Microsoft stack.

There are several lengthy discussions on Bluetooth and IBM T series notebook computers over at the thinkpads.com forum. This one is probably the most relevant, but be sure to read to the end, since the first post on the thread is from March 2005, and all the software involved has been updated since then.

After disabling the Microsoft Bluetooth stack and rebooting, I needed to reinitialize the device pairing to connect the cell phone and the headset, but since then everything seems to be working OK.

This is remarkably “user-unfriendly” and about as far from “plug and play” as I can imagine.

I’ve been using this blog and my running blog for testing out Wordpress 2.0 before trying things out on the main site. This evening’s task has been setting up tagging on my running blog. I’ve been using Jerome’s Keywords for a while, but have been reading good things about Christine Davis’ Ultimate Tag Warrior and decided to give it a try.

Ultimate Tag Warrior is extremely comprehensive and flexible. There are versions for both Wordpress 1.5.x and Wordpress 2.x, although I’m only working with the later version. The plugin works smoothly after being activated, and the only tricky part has been that URL rewrites are different in Wordpress 2.x. — rewrites are now done within Wordpress rather than in the .htaccess file, which seems like a good idea, but in the meantime this plugin and others are still a little in transition.

As currently shipped, the plugin automatically generates rel=”tag” links for Technorati, and can be configured to point to other tag services or use local tags. The URL rewrite problem breaks “clean URLs” for local tags of the form http://site/tag/localtagname, so if you just want to generate Technorati tags you’re already in good shape. Without working URL rewrites, other features like local tag clouds don’t work so well though.

In the meantime, here’s a temporary fix (from comments posted by Stephen Collins) which can be added to the .htaccess file in the root directory of the Wordpress installation. The example here is for http://www.hojohnlee.com/running/, you should change the paths to match your own.

This fix is unlikely to be needed for very long, there is a lot of activity underway among Wordpress plugin developers to get things working with the new version. If you put this in place, you should probably keep an eye on the Ultimate Tag Warrior page or the Wordpress support forums for updates.

# UTW

RewriteEngine On
RewriteBase /running/
RewriteRule ^tag/?(.*)/feed/(feed|rdf|rss|rss2|atom)/?$ /running/index.php?tag=$1&feed=$2 [QSA,L]
RewriteRule ^tag/?(.*)/page/?(.*)/$ /running/index.php?tag=$1&paged=$2 [QSA,L]
RewriteRule ^tag/?(.*)/$ /running/index.php?tag=$1 [QSA,L]
RewriteRule ^tag/?(.*)/page/?(.*)$ /running/index.php?tag=$1&paged=$2 [QSA,L]
RewriteRule ^tag/?(.*)$ /running/index.php?tag=$1 [QSA,L]

Update 02-08-2006 22:30 PST:
After upgrading to Wordpress 2.0.1, it looks like this fix for .htaccess is still needed with the version of Ultimate Tag Warrior that I’m currently using (2.9.2.1) over on my running blog.

Wordpress 2.x has moved the URL rewriting out of .htaccess and mod_rewrite and into classes.php. This provides access to more hooks forl plugin developers in the future, but in the meantime this seems to be causing a lot of problems with non-standard permalink structures or custom rewrite rules.

Here’s a handy way to check out what sites are associated with an IP address:

A2B has recently implemented ping blocking to reduce the volume of spam hitting their geotagged search engine. They publish a current list of blocked IP addresses, and you can also submit queries to see what sites have been seen recently at a given IP address.

Here’s the list of sites from an identified spam IP address (70.86.36.194). They also list the blogs associated with the IP address.

Many of the blocked sites are submitting 6000 to 8000 pings per day. A2B reduced their ping traffic from 27GB to 6GB daily by blocking the 112 top spam blog IP addresses turning up in their server logs.

The lookup service is a little similar to some of the reverse DNS services that are available (IP to domain name), but it appears to have a shorter time horizon. A quick check on some sites I know to be on shared hosting services only shows some of the sites that are at their respective IP addresses.

via SpamHuntress, see also comments there from Sam Critchely of A2B.

After a few weeks of relative quiet on the web spam front over the holidays, I see that there’s been a huge uptick in new spam referrers turning up in the server logs here. I suppose the spam operators have come back from the holidays as well.

Referrer spam is fairly pointless on my site, since I don’t publish automatic lists of site referrers. However, it can chew up a lot of bandwidth and CPU cycles.

The first line of defense here is using .htaccess to completely block the top level domains and IP addresses that are known to be problematic. Additional filtering is done by individual applications such as Wordpress (Akismet et al) but if you block unwanted traffic with .htaccess you don’t even generate the web page. This is of particular interest to Dreamhost users, where they seem to have started tracking CPU use more closely.

The method shown here will work on Dreamhost and most other hosted services that allow user defined .htaccess files. Here’s the general approach. In .htaccess, we define the “bad referrer” patterns, which will match the incoming HTTP Referer field. If the BadReferrer variable is set, then we block that request, sending back an HTTP 403 response.

SetEnvIfNoCase Referer ".*.baddomain.com" BadReferrer
SetEnvIfNoCase Referer ".*anotherbaddomain.com" BadReferrer

order deny,allow
deny from env=BadReferrer

The patterns used in .htaccess are regular expressions, which can be a little hard to read. It’s important to precede the “.” in domain names with a “\”. It’s a good idea to save a working copy of .htaccess before you start editing it, since you can make your entire site inaccessible if you accidentally create a pattern that blocks all referrers rather than the unwanted ones. The first case shown above will block “www.baddomain.com”, while the second will block “anotherbaddomain.com”. See the Apache documentation for more complete information on using .htaccess.

Here’s the htaccess blocklist rules I’m currently using to keep out spam domain referrals. The patterns don’t exactly match real domains in all cases, as wildcards are used occasionally to catch variations of the same domain name. (Warning — many of the domain names are predictably offensive.)

If have specific IP addresses that you want to block, you can also define that here:

deny from 10.0.0.1

Blocking individual IP addresses is less useful, since most spam traffic seems to originate from networks of hijacked PCs, with IP addresses all over the world that change frequently. That said, there also seem to be individual spammers who are running spamming applications on their personal computers, which are pretty easy to block in .htaccess.

Here my previous notes on referrer spam:

• Temporary Fix for Referrer Spam
• Referrer Spam IP Blocklist
• Blocking Referrer Spam

I recently decided to give another try to using a Bluetooth headset, and this time around I’m quite happy. I last tried using a Bluetooth headset a few years ago and was unimpressed, both by the high price and by the poor usability. My usual handsfree solution since then has been to use the speakerphone mode on my phone. This works well in the car if you’re by yourself, but can be problematic if others are riding with you.

I wanted a headset that would work with my Nokia 6820 as well as voice applications on my notebook computer, and found the Plantronics Voyager 510, which is able to pair with two devices supporting either the Bluetooth handsfree or headset device profile. The sound quality is good, comparable to a wired headset, it’s comfortable enough to leave on for hours at a time, and the battery life lasts more than a day. The wireless connection works from my desk to anywhere in my office, I’ve tried it to 15-20 feet or so, and also stays connected if I leave the phone in the car and walk around to fill the gas.

The headset can be set up for use on either the right or left, and comes with three eartips of different sizes along with a pair of microphone windscreens.

I’ve been using the headset for the past few days, including several hours of driving between Palo Alto and Los Angeles, and so far am impressed with the improvement over the early Bluetooth headsets, which were expensive, bulkier, sounded worse, and didn’t work well with the cell phones. This may push me back in the direction of getting a smarter phone / PDA device again.

I have to look this up from time to time, usually just after installing a new Linux system intended for use as a test server. There are GUI tools for configuring the firewall, but I usually leave the entire windowing system uninstalled.

By default, many Linux distributions will start up sshd and httpd, but you won’t be able to connect to them over the network, since the ports will be blocked by iptables. The examples below are for Red Hat or CentOS (which is basically Red Hat), and may vary slightly betweenl distributions.

To see the current iptables firewall rules, use iptables –list (that’s two dashes):

[root]# iptables --list
Chain INPUT (policy ACCEPT)
target     prot opt source               destination
RH-Firewall-1-INPUT  all  --  anywhere             anywhere

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination
RH-Firewall-1-INPUT  all  --  anywhere             anywhere

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

Chain RH-Firewall-1-INPUT (2 references)
target     prot opt source               destination
ACCEPT     all  --  anywhere             anywhere
ACCEPT     icmp --  anywhere             anywhere            icmp any
ACCEPT     ipv6-crypt--  anywhere             anywhere
ACCEPT     ipv6-auth--  anywhere             anywhere
ACCEPT     udp  --  anywhere             224.0.0.251         udp dpt:5353
ACCEPT     udp  --  anywhere             anywhere            udp dpt:ipp
ACCEPT     all  --  anywhere             anywhere            state RELATED,ESTABLISHED
REJECT     all  --  anywhere             anywhere            reject-with icmp-host-prohibited

The part we’re interested in is the “RH-Firewall-1-INPUT” list. We need to add two rules, which will accept incoming TCP connections to port 22 (sshd) and port 80 (httpd).

[root]# iptables -I RH-Firewall-1-INPUT 3 -p tcp -m tcp --dport 22 --tcp-flags SYN,RST,ACK SYN -j ACCEPT

[root]# iptables -I RH-Firewall-1-INPUT 3 -p tcp -m tcp --dport 80 --tcp-flags SYN,RST,ACK SYN -j ACCEPT

The additions will now appear in the output of iptables –list:

Chain RH-Firewall-1-INPUT (2 references)
target     prot opt source               destination
ACCEPT     all  --  anywhere             anywhere
ACCEPT     icmp --  anywhere             anywhere            icmp any
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:http flags:SYN,RST,ACK/SYN
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:ssh flags:SYN,RST,ACK/SYN
ACCEPT     ipv6-crypt--  anywhere             anywhere
ACCEPT     ipv6-auth--  anywhere             anywhere
ACCEPT     udp  --  anywhere             224.0.0.251         udp dpt:5353
ACCEPT     udp  --  anywhere             anywhere            udp dpt:ipp
ACCEPT     all  --  anywhere             anywhere            state RELATED,ESTABLISHED
REJECT     all  --  anywhere             anywhere            reject-with icmp-host-prohibited

You can now connect to the server over the network. Unfortunately, this will only last until it’s rebooted. To save the iptables configuration, do something like:

/etc/init.d/iptables save

This will update the saved configuration in /etc/sysconfig/iptables, which will be used to initialize iptables at boot time.