Hmm, two years is a longtime girlfriend? I wonder how African-American women are handling the news.

An article from an anti-modern-day-turkey-farming advocate detailing the steps from chick to 'adult' for the typical Thanksgiving turkey.

A former Microsoft employee has been sentenced to 17 months in prison for ordering software meant for corporate use and selling it for personal gain, local authorities say.

John McKay, United States Attorney for the Western District of Washington, said in a statement on Tuesday that Kori Robin Brown, 31, ordered more than $6 million (3.5 million pounds) worth of database software that was sold to other parties. Because the products were sent via mail, Brown was convicted of mail fraud.

Simple, cheap solutions can improve things dramatically. It's the same thing in computer programming - Measure first, locate the problem, try a solution, measure again to see if performance has improved.

This fall, Arlington County took over a Metrobus route, a line that plies small neighborhoods south of Arlington National Cemetery and brings commuters to the Pentagon City Metro station.

The day the county took control, it offered the same amount of service on the same schedule. Ridership jumped 30 percent.

What made the difference was a rectangular green box installed at 22 bus stops along the route, said James R. Hamre, the county's transit program coordinator. The boxes displayed a schedule and laminated drawing of the bus route overlaid on the local street map.

"Before, there was basically nothing at the stops except a rusty pole and a 25-year-old Metrobus sign," he said, adding that curious residents immediately started appearing at the stops. "We had people stopping to read the schedules while we were putting them up."

At $76 each, the green boxes were a small investment. And one example of relatively modest, quick improvements that can be made to draw people from their cars and onto the region's existing bus network.

For Dell, the consumer is only 15 percent of their business, according to CNet.com: The pragmatic radical. But I'm sure small businesses would be willing to pick up Walmart boxes if they were cheap, reliable, good service, and you could go to the local Walmart to buy/return/service them.

The spitting image of her movie-star mom, Paulina Gretzky, age 14, stole the show at the first-ever NHL outdoor game on Saturday.

Never mind the media speculation yesterday that she may have been lip-synching the previously recorded lyrics of Sarah McLachlan's I will Remember You, her parents stood -- tears shining in her mom's eyes -- as their eldest daughter performed beneath the spotlight they themselves once knew so well, and now have left behind.

Mr. Gretzky has called Paulina the most competitive of his children. "She has mine and Janet's competitive level," he said.

Ron MacLean, the event's host, said Mr. Gretzky sent a tape of his daughter's singing to Don Metz, who produced the show, and Mr. Metz invited Paulina to perform.

But over the entire 200 miles I drove the car, the average picture was not as pleasant and I never got close to the 51 mpg highway and 60 mpg city certified by the Environmental Protection Agency.

Instead, I averaged 42 mpg in combined city/highway driving.

Frustrated, I sought answers from Toyota and its Prius guru, Dave Hermance. As soon as I said that my commute and other city driving were short trips, Hermance interrupted. “That’s it right there, that’s the problem,” he said, explaining that mileage suffers during the first five minutes of a cold start because of the way the Prius and similar low-polluting cars curb emissions.

That would also explain that while my combined city/highway mileage was 42 mpg, I got just 31 mpg on my five-mile commute to work.

Some cons and potential cons:

- Battery replacement. Toyota warranties the battery powering the electric motor for eight years or 100,000 miles. Replacing that today would cost $3,500 but Toyota hopes the price will come down to $1,000. It also notes that the battery pack has been tested to 150,000 miles without degradation.

- Display screen visibility. While it’s not required to operate the car, the display screen that shows mileage performance and radio/temperature controls can be very difficult to see in bright sun.

- Traffic visibility. The front window frame is at more of an angle than some cars, creating a wider bar that can obstruct views. The rear window has a bar three-quarters of the way down, which also takes some getting used to.

- Backseat vent. It’s not immediately noticeable, but a vent on the backseat door frame plays an important role cooling the battery pack tucked under the luggage area. In fact, Toyota warns not to cover that vent because that could case the battery to overheat.

The manual is, however, required reading given Prius’ special features, among them:

- Towing. The Prius must not be pulled by a camper, or towed with its front wheels on the ground. Doing so can damage the transmission and/or overheat the battery, causing a fire.

- Storage. If the car is not driven for extended periods, the battery should be charged every two weeks by starting it for 30 minutes with all accessories turned off.

- Running out of gas. Never, ever try running the Prius on electric mode if you run out of gasoline.

Watkins also urges trusting the computer, not one’s foot, to optimize performance. So instead of eyeing the mileage monitor and trying to adjust with your foot, just let the computer decide, Watkins advised. That trust included using the cruise control in light traffic as soon as possible. At one point, we were cruising along at 35 mph in electric mode only.

Toronto police have charged a man with theft of telecommunications in a bizarre case that involves downloading child pornography from a laptop in a moving car and using other people's computer networks to obtain the images.

A look at how Ford engineers optimized the engine and exhaust system to reduce emissions to 10% of the previous model's emissions.

For a liberal party, most of the Democratic Presidential candidates are against same-sex marriages, but are willing to accept same-sex unions. I guess that's the liberal euphemism for marriage. Interesting to see how this will play out in the media in 2004. No second-guessing about Bush's opinion...

Democrats! At least for the past 72 years. They have no reason why that is or if it's the stock market that predicts the President. Also investors don't seem to take advantage of this fact.

Many techies are complaining about offshoring, but automation threatens the service industry. Not all cashiers are gumpy or customer-surly, but there are enough to tarnish the ones who are happy with their jobs. Plus all the usual problems that management has with workers spells doom for a large portion of the service industry.

Maybe Mr. Joy likes Mac OS X more than Linux because OS X is based on BSD?

And yet you've been famously cool about Linux.

Re-implementing what I designed in 1979 is not interesting to me personally. For kids who are 20 years younger than me, Linux is a great way to cut your teeth. It's a cultural phenomenon and a business phenomenon. Mac OS X is a rock-solid system that's beautifully designed. I much prefer it to Linux.

She was surprised by the sexual concepts that seem to be woven into the minds of middle school students.

"It's not so much that more kids are having sex -- I don't think they are -- it's just that it sure is part of their vocabulary and psyche in a way that it didn't used to be."

In "Not Much Just Chillin'" Perlstein explains that the phenomenon of "freak" dancing, where a boy approaches a girl from behind and grinds his groin against her, has trickled down to middle school.

"The most shocking thing, the single most shocking five-second thing, is to see a bunch of 12-year-olds freak dance," Perlstein said.

The survey, hosted on Wily Technology's own site, pulled in responses from a self-selected group of 360 enterprises representing 16 industries, 43 countries, and equally divided between large and small organizations, according to Mike Malloy, vice president of marketing in Brisbane.

With an average availability of 88 percent, that is "the equivalent of having an application down one day a week," said Malloy. The survey showed that half of the organizations in the survey experienced less than 96 percent availability for their J2EE applications, which is nearly seven hours of down time per week. And the worst availability for applications indicated was 81 percent downtime, or 4.5 hours a day.

When it comes to meeting performance expectations, respondents also reported that on average they achieved their target performance only 80 percent of the time. Some 65 percent of the respondents reported achieving their target performance 90 percent of the time. Wily defined performance as the ability to process user sessions at the designed rate of throughput.

"On average only 42 percent of the time, the application performs as planned when it's deployed. Sixty percent of the time, it's not meeting user expectations," said Malloy.

According to Malloy, these organizations typically learn of a problem with the application because a customer or executive calls to complain. In 40 percent of the cases, that first notice was a phone call from an end user. The typical reaction to problems is to call a group meeting. "This is a symptom of not having a process for dealing with problems," asserted Malloy.

Surprisingly, the actual code of an application caused problems only one out of eight times, the survey said. The rest of the time, problems originate in the application environment and in connected systems. In order of frequency after application code bugs were: issues with configuration and tuning, architecture, database connections, design problems, memory leaks, capacity planning miscalculations, Java virtual machine issues, and then nine other categories of problems.

Gaps showing up. Who knows how long this has been going on. If the hospitals had kept quiet, it'd be hard to track any possible problems back to the hospital.

Sources said Black could be on the hook for criminal liabilities stemming from the disclosure that he accepted unauthorized payments from the company - which, if he is convicted, could get him booted from the House of Lords.

Considering he gave up his Canadian citizenship to become a british Lord, I think he'll doi almost anything possible to avoid being de-lorded.

Nearly 20 percent of companies that farmed out IT work did not achieve any cost reductions, while 9.2 percent experienced an increase in costs, according to a survey by people3, a Gartner company.

In addition, just 21.1 percent of the survey’s 76 respondents reported a cost savings greater than 20 percent as a result of their IT outsourcing efforts. Gartner published the results Monday.

He didn't leave Seattle for the money. Yeah, right. Everyone in Seattle believed that, especially after they heard how much his Texas lords were paying him. Now he's in his own purgatory - big individual stats and a guaranteed start to his golf season unless Texas gets very lucky.

Looks like the IE patch causes problems with the scrollbar. Weird.

"If you had a grand piano, wouldn't you want to play it?" Dolly Parton to David Letterman after she offered to be a wet nurse for Dave... Dave's baby son that is.

Whoops

I want in on this.

Nice to see these health workers putting their bottom line above the health of the nation's people.

Canadian Red Cross officials knew about a test that could have helped screen out blood tainted by hepatitis C in 1981 but did not begin using it until 1990, documents obtained by a U.S. newspaper show.

"As long as a test is not part of the standard operating procedures, the ARC (American Red Cross) cannot be held legally responsible for any illness resulting from transfusion with elevated ALT levels," Derrick wrote in the report.

The test, which detects elevated levels of a liver enzyme, had been found to predict the presence of hepatitis C with about 30 per cent accuracy.

The documents unearthed by The Kansas City Star shed new light on why the Canadian and U.S. Red Cross delayed testing. A U.S. expert group had recommended countrywide use of the test in January, 1981. Yet the testing was not begun until 1986 in the U.S. and not until 1990 in Canada.

The Canadian government has paid compensation to hepatitis C victims infected from 1986 to 1990, but has excluded people infected before 1986, saying there was no test available before then.

"The whole frame of mind was, `We're not going to do anything more than we have to.' It's clear what he's also saying is, `Until the government tells us we've got to do it, we're not going to do it.'"

What do you expect for a group that derives revenue from issuing patents. Lotsa marginal stuff is gonna get rubber-stamped that a competent person in the area would say is obvious. Only the lawyers and these patent-only firms come out on top. Little guys with few resources will get stomped on by big corps, patent or no patent.

Four American track and field athletes have tested positive for the steroid THG after backup B samples confirmed positive A tests.

Gyulai also pressed American officials to name the four athletes.

"This is the only country at the moment which doesn't give us the names right after the A [samples]," he said. "All the others provide the names. This little issue is still to be brought into line with IAAF regulations."

A fifth athlete, British sprinter Dwain Chambers, has recorded positive A and B results for THG, or tetrahydrogestrinone, after an out-of-competition test in August in Germany. Chambers was suspended earlier this month by UK Athletics.

HOW TO: Trace ServerXMLHTTP Calls Using the Winhttptracecfg Tracing Tool in XML

Whew. Just spent a few minutes downloading and applying all the patches that I was missing. Now I'm up to date for 2003.

I think Roy's agent will be rewriting his contract soon.

Halladay gets a $100,000 bonus for winning, Loaiza gets $90,000 for finishing second and Martinez $500,000 for finishing third.

Not like anyone can call him on his bluff.

This is pretty bizarre. Even more so when watching the late night North American talk shows, who were referring to the latest alleged Prince Charles scandal in roundabout ways. Doesn't seem like the English/Welsh ban on this story would have much deterrence. All you need to do is google "Prince Charles scandal" and, Bam!, on the first page there are links to stories revealing details about the allegations.

Just in time for Remembrance Day.

Microsoft Security Bulletin MS03-051 - Buffer Overrun in Microsoft FrontPage Server Extensions Could Allow Code Execution (813360)

Microsoft Security Bulletin MS03-050 - Vulnerability in Microsoft Word and Microsoft Excel Could Allow Arbitrary Code to Run (831527)

Microsoft Security Bulletin MS03-049 - Buffer Overrun in the Workstation Service Could Allow Code Execution (828749)

Microsoft Security Bulletin MS03-048 - Cumulative Security Update for Internet Explorer (824145). No buffer overflows, but there are some cross-site scripting bugs and a couple of possible data-revealing bugs.

Dang. Could've saved myself a few $$$ if I had read this first. A couple of decent action scenes, but the plot seems weak. Neo and Trinity's trek seems like Frodo and Sam's journey to Mordor.

Hmmm. I've heard of a company founder hiring more mature management, but a 72-year old passing the baton to a 90-year old?!

For instance, the sample of Baker's Double Chocolate Chunk cookie came in at 369 calories, 48 percent higher than the 250 calories listed on its label. The FDA allows a 20 percent margin of error for nutritional information.

Article about the country retreat of Canada's next Prime Minister. I wonder why most of the recent PMs tend to come from Quebec?

It's true that you don't need perfect code for good security. If your I/O code is perfect, but the rest is crud, then security is a lot easier for you.

ITB: Security starts with the developer. What do you think that developers can do to harden their apps and how is Microsoft helping with tools?

BG: You don't need perfect code to avoid security problems. There are things we're doing that are making code closer to perfect, in terms of tools and security audits and things like that. But there are two other techniques: one is called firewalling and the other is called keeping the software up to date. None of these problems (viruses and worms) happened to people who did either one of those things. If you had your firewall set up the right way — and when I say firewall I include scanning e-mail and scanning file transfer -- you wouldn't have had a problem. But did we have the tools that made that easy and automatic and that you could really audit that you had done it? No. Microsoft in particular and the industry in general didn’t have it.

The second is just the updating thing. Anybody who kept their software up to date didn't run into any of those problems, because the fixes preceded the exploit. Now the times between when the vulnerability was published and when somebody has exploited it, those have been going down, but in every case at this stage we've had the fix out before the exploit. So next is making it easy to do the updating, not for general features but just for the very few critical security things, and then reducing the size of those patches, and reducing the frequency of the patches, which gets you back to the code quality issues. We have to bring these things to bear, and the very dramatic things that we can do in the short term have to do with the firewalls and the updating infrastructure.

ITB: What about all the reports about vulnerabilities in Microsoft product recently?

BG: We've seen an order of magnitude less vulnerability in the code that's been through the new tools, and we need about another order of magnitude. We've had 12 things in about an eight month period in Windows Server 2003 and with the equivalent level of attack in the previous generation we would have had over 100. We had 43, but adjusting for the level of intensity it's a factor of 10 difference. If we can get another factor of 10, which would get you down to 1.2, plus the improvements in the patching and updating, that's what people want. That should be doable, but that’s the piece that doesn't happen overnight. It’s a matter of giving people the tools, it's people not understanding the design of APIs where you get vulnerabilities. Certainly there are whole classes of vulnerabilities like buffer overruns that are very well understood at this point, and the scanning tools are very good and the compiler switches are very good.

Charles Simonyi talking about his ideas of how to improve programming.