Can’t copy address bar from Google Chrome

I’ve had periodic problems with Google Chrome on Windows (Version 32.0.1700.102 m, but this has also happened occasionally in the past); sometimes it will refuse to copy the address bar.

Instead of copying, it will clear the clipboard.

Copying from other places, such as a web page (content or using Right-click / Copy Link Address) works fine.

Not sure if it’s an environmental issue — only seems to happen on my work machine; I haven’t seen the same at home.

Very odd.

Blogging it here because I can’t see any mentions of it online (which might be because it’s just me). Will post back if I find the solution.

Update 2014-01-31: I uninstalled and reinstalled Chrome… it seems to work again, for now.

Update 2014-02-05: The problem seems to have come back. Very odd.

Update 2014-02-20: Some old posts on a related problem seemed to suggest it might be a Chrome Extension causing issues, so I removed all of mine. The problem seems to still be intermittently occurring.

Postscript: As per the comments, if you have Remote Desktop running, try shutting it down.

ANZ: The rodeo clowns of online security

For years now I’ve been… less than impressed with the ANZ bank’s concept of how a secure banking website should work. Finally they’ve taken steps to harden their site. They’ve introduced “secret questions”, like “who was your best friend in high school”, “what’s your partner’s nickname” and “what’s your nickname for your youngest child”. At last, my money is now safe from thieves who will never guess that my my partner’s nickname is Cathy, my best friend in High School was Robert, and my youngest’s nickname is Marky. Oh, darn! I accidentally disclosed the answers to those secret questions! It’s as if that information would be widely available to any thief who took the time to look me up on Facebook (don’t bother, I’m not on Facebook).

Because in providing answers to these questions the security on my account was going up, not down, I couldn’t possibly be allowed to opt-out, with dire warnings about being liable for losses if someone found out the answers. To these most basic of questions.

Most other banks have implemented two-factor authentication. Even G-mail has two-factor authentication. But not the ANZ, they’ve stepped things up a notch. They’ve eschewed two-factor, and gone for “You’ll never guess the name of my pet, which I post on Facebook all day long”.

So I took my standard defensive action: attack surface reduction and target-value minimisation. To reduce the attack surface, for each answer I mashed the keyboard – so thieves, remember my first Primary School was in the suburb of pwofkmvosffslkdflsifcmmsmclsefscdsfpsdfpefsdflsd, or something. To minimise the value of the target, I swept all the funds out of the account. What’s wrong the the technique of establishing identity by the production and examination of 100 points of identifying documents?  Why do I need to have a favourite colour?

Cathy worked for the ANZ until recently, and the day she received her final paypacket she shut the account. Hated their account with a passion, but the ANZ is incapable of paying their employees through anything other than an ANZ account. Because, you know, banking is hard.

Install mwparserfromhell on Linux

Here’s how to install mwparserfromhell on Linux:

sudo apt-get install python-dev
sudo apt-get install python-pip
git clone https://github.com/earwig/mwparserfromhell.git
cd mwparserfromhell
python setup.py install

After which, wikitools by MrZ-man is nice for power-users:
svn co https://github.com/alexz-enwp/wikitools
cd wikitools/trunk
sudo python setup.py install

Installing Pygal into Cygwin

Pygal is a python library for emitting SVG charts. It might do PNGs too; the documentation is… sparse. Okay, there’s no documentation, but they show you several ways to make bar charts, and figure you can follow on from there.  Anyways, the installation instructions don’t work, not under cygwin.

Here’s what you should do:

  1. ensure cygwin has the libs libxml2-devel and libxslt-devel installed
  2. issue the command
    cygwin$ pip install pygal

and you’re done. Getting pip into cygwin is a whole world of hurt, but you will need to go looking for a http (not https) source to download setuptools, then download and run ez_setup.py, followed by using pip to upgrade setuptools. Have fun with that; I know I did.

Nvidia 8800GT nvlddmkm.sys blue screen of death

I’ve got two old Mac Pros, and on one of them, the Nvidia 8800GT video card suddenly started causing weird errors in Windows.

Nvidia crash

Then it started doing the blue screen of death repeatedly, a crash in nvlddmkm.sys.

Nvidia blue screen

I have no idea why it started happening now — the Nvidia drivers don’t appear to have been updated for months, and Windows Update hasn’t installed anything for almost a week.

Oh well.

Boot into Safe Mode With Networking

Download the latest drivers

Install with Clean Option on

Reboot

Seems now to work, touch wood.

Update 2013-11-19 18:45 — No such luck. It seemed fine this morning, but later on started crashing like before. Investigations continue.

Update 2013-11-19 21:00 — After playing around disabling various things, and puzzling over what might have updated itself (since there was nothing recently installed or patched listed by Windows), I think I may have found the culprit: the Steam client beta (which I’m using to get the family sharing trial). Have disabled this, and Windows seems to be stable again. Will try it for a bit longer, then report findings to Steam.

Update 2013-11-20 — It couldn’t be that easy, of course. And I have dissed Steam without justification. The video card is still playing up — now so much so that:

  • a lovely speckly pattern appears when booting
  • Windows proclaims the video card isn’t working, and automatically puts us into Base Video (640×480) mode
  • OS X won’t boot at all — the GUI presumably tries to come up, then it reboots

Oh dear. Trouble in video card land.

The card is an NVidia GeForce 8800 GT, quite a nicely specced card. I suspect it’ll need replacing, dammit.

Update 28/11/2013: As per the comments I found another spare PCIe card (an ATI Radeon 3870) which works… in Windows. Not in OS X. Even the broken card partially works in Windows, but not at all in OS X.

A workmate pointed me to the Tony Mac x86 web site, where I found a good list of graphics cards compatible with OS X.

Thankfully however this specific machine is mostly used for Windows-only, so there’s no tearing rush. In fact Windows performance index thingy rates the ATI card slightly higher than the nVidia one.

One option is to buy the official Apple-supported Mac Pro video upgrade kit, an ATI Radeon HD5770, which is A$299. Despite the Apple site claiming it requires a post-2010 Mac Pro, plenty of sources indicate it’s fine with a 2008.

Update 2014-04-08: New video card bought and successfully installed

Allow more JavaScript, maintain privacy

I’ve long regarded JavaScript in the browser to be one of the biggest security holes in web-browsing, and at the same time the Internet works less and less well without it. In 2008 Joel Spolsky made the observation that for some people the Internet is just broken:

Spolsky:   Does anybody really turn off JavaScript nowadays, and like successfully surf the Internets?

Atwood:   Yeah, I was going through my blog…

Spolsky:   It seems like half of all sites would be broken.

Which is not wrong.  Things have changed in the last five years, and now the Internet is even more broken if you’re not willing to do whatever random things the site you’re looking at tells you to, and whatever other random sites that site links off to tell you to, plus whatever their JavaScript in turn tells you to. This bugs me because it marginalizes the vulnerable (the visually impaired, specifically), and is also a gaping security hole.  And the performance drain!

Normally I rock with JavaScript disabling tools and part of my tin-foil-hat approach to the Internet, but I’m now seeing that the Internet is increasingly dependent on fat clients. I’ve seen blogging sites that come up empty, because they can’t lay out their content without client-side scripting and refuse to fall back gracefully.

So, I need finer granularity of control.  Part one is RequestPolicy for FireFox, similar to which (but not as fine-grained) is Cross-Domain Request Filter for Chrome.

The extensive tracking performed by Google, Facebook, Twitter et al gives me the willys. These particular organisations can be blocked by ShareMeNot, but the galling thing is that the ShareMeNot download page demands JavaScript to display a screenshot and a clickable graphical button – which could easily been implemented as an image with a href. What the hell is wrong with kids these days?

Anyway, here’s the base configuration for my browsers these days:

FireFox Chrome Reason
HTTPSEverywhere HTTPSEverywhere Avoid inadvertent privacy leakage
Self Destructing Cookies “Third party cookies and site data” is blocked via the browser’s Settings, manual approval of individual third party cookies. Avoid tracking; StackOverflow (for example) completely breaks without cookies
RequestPolicy Cross-Domain Request Filter for Chrome Browser security and performance, avoid tracking
NoScript NotScripts Browser security and performance, avoid tracking
AdBlock Edge Adblock Plus Ad blocking
DoNotTrackMe DoNotTrackMe Avoid tracking – use social media when you want, not all the time
Firegloves (no longer available), could replace with Blender or Blend In I’ve have had layout issues when using Firegloves and couldn’t turn it off site-by-site

Subtitling tries to make me dumber

I was watching Todd Sampson‘s Redesign My brain S1E1 Make Me Smarter and noticed the subtitling was annoyingly wrong. FMRI was subtitled as MRI. Baseline became based on – and there was more errors. My hearing’s not super-great, but even I could tell that these weren’t right.

Twice I’ve seen subtitling so bad that I’ve been prompted to find out who did it. Last time it was Jacqui Mapoon at CSI.

This time it was Jacqui Mapoon at CSI. Either Jacqui does a lot of work for CSI and sometimes has bad days, or she does a little work and often screws it up. What are the odds that on the two occasions I notice very bad subtitling, the same person’s behind it?  Subtitling is a very specialized field, so there can’t be that many people doing it, but at the same time a lot of TV is subtitled. I know from personal experience that subtitling takes at least 5 minutes per minute of show, and can take more if it’s particularly speech-heavy. There are a few hours of TV a night requiring subtitles, and it’d take one person one day to subtitle one hour of TV, so there’s probably a few dozen people in Australia doing it; live subtitling is a different specialty. Perhaps work processes need to be changed; I know I proof my subtitling after having done it, and spot errors. Perhaps someone other than the original subtitler ought to do the final proofing? Proof-reading error rates would show whose work needed more attention.

Most of the subtitles that I’ve seen are great – precisely timed transcriptions of the spoken dialogue, either exact reproductions or well thought through précis, contracted just enough to be faithful to the words and the intent whilst also fitting on the screen. For some reason American stuff is all caps unless the character is off-screen. Given so many in this industry can get it transparently right, why does one person’s work repeatedly poke me in the eye? Somebody give Jacqui some training, stat!

Please make it okay for KITT to drive itself around

Driverless vehicles are coming. A clear legal framework will make them come all the sooner, and there’s an opportunity to make autonomous vehicles as safe as passenger aircraft.

Don't drive a car like a smuck, get the car to drive you!

Don’t drive a car like a smuck, get the car to drive you!

Make the manufacturer(1) solely responsible for all liabilities incurred by the vehicle, driverless or not. Transfer this liability to anyone who modifies the vehicle without manufacturer approval(2) – covering up sensors, adding systems, modifying software etc. While autonomous, fines for driving infractions are the responsibility of the manufacturer; demerit points are treated as unidentified and the fine for failing to identify the driver is payable by the manufacturer. Annual vehicle registration fees(3) remain payable by the vehicle owner, but third party insurance costs – personal and property – are remitted to the manufacturer, who could be expected to pay you to… not drive the car – if you drive the car, that creates an uncontrollable liability, but if the car drives itself then the risks are only those that are those due to the product, which presumably would lead to product improvement to decrease crashes and injury.

How would you force owners of cars that are the liability of someone else to properly maintain them? Simple; you make the manufacturer cover maintenance costs too – tyres, servicing etc. So now we’re getting to the point where we ask: what are people paying for cars that they only have to cover the running expenses for? How does the manufacturer recoup the cost of maintenance? Doesn’t really matter, but I think you’ll see that driverless cars will only be able to be leased, or hired, or rented, or some other such model. They’d basically be taxis – paid for by time and distance.

Every driverless crash will be investigated by a federal body – the Australian Transport Safety Bureau. To aid investigations, vehicles will be required to detect crashes and refuse to function after them; extensive data logging like on aircraft will be mandated. Because of the lack of humans involved, crashes come down to systems failure and the crash rate should be highly controllable.

 

Fly, KITT, fly

(1) Autonomous vehicle manufacturers might baulk at these plans to make them directly fiscally responsible for their products. Fine; they could instead put an insurance/finance company in as the responsible entity, but whomever is responsible would have to prove to the government their capability to meet their contingent liabilities.

(2) That is, you can hack your car if you want. But if you do, you wear the (potentially quite substantial) risks associated with having done so. Find an insurance company that’s willing to cover you (ha!).

Have you played thePopulation: Tire game? If not, you haven't lived.

Have you played thePopulation: Tire game? If not, you haven’t lived.

(3) Why do we charge registration fees? Owning a car doesn’t impose any costs on society. Driving it does; parking it does. There ought to be taxes on… tyres. The consumption of tyres by a vehicle is roughly correlated to the wear and tear on infrastructure and other externalities. Motorbikes, two tyres; semis eighteen or more. There are already taxes on fuel, again because of externalities – and presumably, because they’re easy-to-levy taxes that are hard to avoid. But infrastructure wear is not a function of fuel consumption, but it is a function of using tyres. The problem with a tyre tax is that people will naturally buy tyres that last a long time, rather than other considerations – for example braking efficiency; to address this some wear factor ought to be applied too.

Australian electoral fraud

An undamaged security cable tie

If the security cable tie isn’t pulled tight engaging the teeth, it can be pulled right off. If it was secured, it would have been damaged while being removed (with scissors).

I did scrutineering at the last Victorian state election, and apart from the shocking level of informal voting and above-the-line voting, there was another shock.

Electoral fraud – or the possibility of it.

The nice thing about living in Australia is that we take our democracy seriously, and we balance being able to prove that what the outcome was with ballot secrecy. Nobody, no level of government or industry, no individual, will know how you voted without you telling them. Yet at the same time we can have confidence that our electoral system is not being rorted; our governments change back and forth, and each time it does representatives of both sides keep a close watch on the activities of the employees of the AEC and VEC, eyeballing each individual vote and knowing that they are all distinctly different from the others in spite of being a collection of handwritten marks on a slip of paper.

To minimize the risks of ballot box tampering, at the start of voting the ballot boxes (just big cardboard boxes here in Australia) are sealed shut with serialized cable-ties. An independent somebody witnesses this when an Electoral Commission employee does this (typically the first voters who wandered into the polling station), and their details are recorded (by details, I think that means signature, but it could be actually enough to track the person down afterwards) and they sign the form that records the sealing of those particular ballot boxes.

So how come they use cable ties that can be “done up” and yet the teeth don’t engage – thus leading to an unsealed ballot box? Is it too much to ask for a cable tie with teeth on both sides?

I should have kicked up a fuss, but it was a safe booth in a safe seat, and who needs the hassle?

Anyways, the reason I relate this story is that I’ve been seeing comments along the lines of “this is the 21st century, why they hell are we using pencil and paper?”  Because, dickwads, computers don’t leave a fucking audit trail.  There’s no scrutineering of electrons.  How the hell are you meant to verify that Clive Palmer didn’t in fact get 98% of the vote?  You can’t.  Interesting that Clive Palmer owns the company that supplied all of the (suspiciously cheap) voting machines to the AEC, but that hasn’t got anything to do with it. And the cost! Pencils are 10c each, paper is about a cent a sheet.  A shitty computer is $500, and requires a bunch of electricity. “Do it on the Internet, or use smart phones!” I hear you say. No, because while nearly everyone can move a pencil around, significantly fewer can use their computer to vote. And there’s no connection between how you voted, and the counting of votes. The announced result could be anything, and there’d be absolutely no way of proving it wrong.  So, yes, computers are shiny and clearly the best way of implementing a voting system, if you want an electoral system you can’t actually trust.