How To Spot A Psychopath

If you’re looking for a pill that “Delivers Powerful Mind Expansion!”, allows you to “Surpass Current Human Capabilities by 3,000 Years!”, allows you to engage in astral projection and, you know, generally opens up the metauniverses of time, space and love to your liberated Klein-bottle superconsciousness - good news!

There are plenty of those!

Unfortunately, they’re mostly illegal. The ones that’re legal, unless you’re living in some country where the jerks in government have absent-mindedly failed to ban certain plants, usually suck.

Which brings us to the magnificently insane “Magneurol6-S“, also billed as the “Psychic Pill” (man, this post is gonna suck in some choice Google ads).

Magneurol is guaranteed to do exactly what it’s promised to do, which is to say, awaken you to the fact that you are an earthbound god spinning your own mandala of truth and inspiration between the 512 dimensions of the Machine Elves.

The guarantee may well be genuine. If you’re daft enough to buy these pills in the first place, I bet you’re also daft enough to believe they work, especially if you help ‘em along a bit with your favourite entheogen. If you’re just not fantasy-prone enough to talk yourself into believing the pills are working, then you may well still be happy to believe that this is because you weren’t reverent enough, and you just have to buy more (only $US49 for a 30 day supply!) and keep trying.

Magneurol is so named because it contains, wait for it, magnetite. OK, a “proprietary blend” of “Magnetitum”, officially, but they’re happy to call it magnetite elsewhere.

This is, I think, genuinely a bit of a new one. Nutballs of all kinds love to use magnets externally, but eating magnetic substances, not so much.

(If you decide to eat whole magnets, by the way, it’s recommended that you stop at one.)

Along with the magnetic iron oxide, Magneurol also gives you a handful of vitamins, and a couple of chemicals that may or may not have something to do with neurotransmitters. But it really doesn’t matter, because Magneurol is a pill. When you eat something, you digest it, breaking it down into simpler chemicals that the body may or may not later recombine into the same compounds you originally ate.

This fact is a bit of a problem for the quacky-dietary-supplement industry in general. People buy, for instance, shark cartilage pills, because they’ve been told that sharks don’t get cancer, and then they eat them, and the magical shark cartilage is broken down like any other protein (well, insofar as the human digestive tract can break down cartilage - have you noticed people eating a lot of ears and noses?), and nothing happens.

(Oh, and sharks do get cancer, by the way. Of the cartilage, too.)

If you eat magnetite, I’m afraid you will not, as the Magneurol pushers suggest, end up with mystic magnetic particles in your third eye, or whatever. (Actually, they bang on about mysterious tiny bacteria that super-psychic animals are meant to have in their brains, or something.)

If the pills actually do contain magnetite then eating them will, at best, give you a bit of iron supplementation. Most of the magnetite will just go harmlessly through you. Some will dissolve in your stomach acid (if, unlike me, you have plenty of that), and in the process it will stop being magnetite and start being unmagnetised ions in solution, with which your body will do what it can.

I’m sure that your magnetite-laced poo will be very, very psychic, though.

Replacement of hotlinked images is… whimsical today.

(He used to have this, from my subwoofer review. Now he has this.)

(On trolling further down in my referring-URL list for today, I am pleased to note that the priapic rabbit with which I graced this page remains there, pink and proud. He’s Not Safe For Work, by the way, in case you don’t know what “priapic” means.)

Because I Just Don’t Learn about responding to people’s news-announcement e-mails, please find herein my review of Uniblue System’s “newsworthy and highly topical” LocalCooling software.

(Mmm, alpha transparency. Picture of woogle not included in standard install.)

LocalCooling is software for Windows PC power saving. According to the press release, “if enough people join in, the Local Cooling Community could seriously cut CO2 emissions from computers”.

Not that computers themselves actually emit carbon dioxide, of course, but the power stations that run them usually do.

Global warming, LocalCooling. Geddit?

LocalCooling is from the makers of the harmless but largely useless SpeedUpMyPC, which is one of those apps with “273 Five Star Reviews!” because it’s got an affiliate program and all the reviews are from penny-ante sites (like mine) that want to cash in (a temptation I’ve managed to resist. Feel free to throw me a tip in appreciation of my shining incorruptibility).

If you want software to clean your Windows registry, disable useless things in system startup and so on, there’s plenty of excellent freeware you can use. Commercial system-speedup utilities often do more than the freeware does, but they very seldom do anything extra that actually needs to be done. Voodoo memory management twiddlers, for instance, are extremely popular among grunty dads and other Power Users, but (a) Windows’ memory management has actually been very good in every version since Win2000 and (b) memory’s so cheap these days that you’d do better to put the $US30 you’re considering spending on memory-optimisation software towards the price of another whole gigabyte of RAM, which’ll set you back less than $US100.

Aaanyway, LocalCooling restricts itself to power management. It’s got a slick and easy to use interface, but the single functional difference between LocalCooling and the normal Windows Power Options is that LocalCooling lets you set your PC to shut down if it isn’t used for X hours (or even minutes, which could be a good way to annoy someone).

To make that setting more useful, you can tell LocalCooling to not shut down before a particular time (presumably resetting at midnight or something; I was never clear on when you were allowed to start feeding mogwai again, either). You can also tell LocalCooling to never shut the computer down if some particular single application is still running.

If you’re in the habit of forgetting that you’ve left your computer on, then I suppose this could be of some use. But it’s not as if the standard Windows power saving features don’t already have standby/hibernation options. A stood-by PC only draws a few watts, and a hibernated PC draws no more power than it would if it were “off”.

Like many modern appliances, PCs are never really “off” while they’re still connected to a live power socket. The “vampire” draw of all those little red standby lights all over your house, not to mention the watts used by old heavy linear plugpack power supplies and the smaller but still non-zero number of watts drawn by newer lightweight switchmode plugpacks, can add up to a significant amount of juice.

But I don’t have a problem with “off” PCs keeping that one little LED lit on the motherboard and waiting for things like wake-on-LAN signals that will never come, because that extra power also maintains the system BIOS configuration data. Loss of the “CMOS” config is not nearly as big a deal today as it was back in days of yore when losing it meant your computer forgot about all of its hard drives, but it can still be a pain. Modern PCs also have easily replaced lithium coin cell battery backup for CMOS data, instead of the nasty rechargeable or soldered-on lithium batteries that a lot of old PCs had, but that battery will last effectively forever {like, ten years plus} if the PC’s got wall power all the time.

Anyway, only if your PC is unable to hibernate is turning it off really a better option. There’s no power drain difference at all.

And… that’s about it for LocalCooling’s actual functions. It lets you set monitor and hard disk sleep timers as well, but so does the standard Power Options.

LocalCooling also has a neat-o tracker that shows you how many “Trees”, “Gallons” (of oil) and “kilowatt-hours” you’ve saved by using it, but this tracker suffers the most common failing of bad science - arbitrary measurements. Not entirely arbitrary, since it’s calibrated in watts, but it’s got arbitrary fudge factors for the number of watts your PC consumes.

(And also for how those watts convert to trees and gallons, but that doesn’t matter much.)

LocalCooling identifies your CPU, monitor, hard drive(s) and graphics card, but it can only actually have a clue about the real power consumption of the CPU and graphics card. Even then it is basically guessing, because it can’t tell how hard either is working.

It evaluates my Manchester-core Athlon 64 X2 as being good for 59 watts of power consumption, which is a reasonable enough average figure for a well-used computer. But there’s a big difference between idle and working-hard power figures; an easy 50 watts for something like my computer.

Since, like a lot of nerds, I run distributed computing software 24/7, my CPU usage is pegged at 100% all the time and that extra fifty watts ought to be added on.

This is something that a future version of the LocalCooling software could do (this one is only v1.03), since CPU usage is easy to measure and map with moderate accuracy against processor type. But it doesn’t do it yet.

The same applies to the video card. Modern high powered 3D cards really are high powered when they’re doing complicated stuff in 3D mode, but not when I’m sitting here typing text.

LocalCooling estimates only 20 watts for my GeForce 7800 GT. That actually seems to be something like its idle power consumption, with full-blast 3D mode consumption up around 60 watts (Nvidia specify the 7800 GT as an 85 watt card).

LocalCooling could build a proper database of monitor power consumption, too. They have to depend on Windows’ opinion of what monitors are connected being correct, but beyond that they currently just take a wild-ass guess about how much power each monitor consumes. For my 21 inch Samsung CRT they reckon 70 watts, which is OK for a 21 inch LCD, but is a significant under-count for my monitor (which is specified at 125W, but probably more like 100W most of the time). 70 watts would be way off if the “21-22 inch Screen” they detected was actually some old three-foot-deep NEC behemoth.

Oh, and LocalCooling doesn’t yet seem to know if you’ve got multiple monitors. It only notices the primary. That’s bad.

LocalCooling makes a couple of less objectionable guesses, too. It assumes each of your hard drives draws eight watts, which may or may not be an overestimate but doesn’t matter a whole lot, since the difference won’t add up to much unless you’ve got a bunch of 10,000RPM drives or something.

LocalCooling also tacks on an extra 15 watts for “everything else” - system fans, motherboard chipset power, expansion cards and so on. That’s fine; few enough users have a wind tunnel PC full of 30 watt Delta fans.

LocalCooling also doesn’t seem to have any integration with the low power modes that various modern processors have. They can step down to a lower clock speed or even voltage on demand. Of course, you should be able to make that stuff happen anyway, possibly with integrated Windows drivers and maybe with extra software from Intel or AMD, but LocalCooling is happy to duplicate the basic Power Options features, so it ought to do this too.

One day we may be running PCs with hardware monitoring that can actually track the current being drawn from the power supply, perhaps even with some granularity so you can see how much juice each subsystem requires.

We’re not doing that now, though, so it’s impossible for software to really accurately track system power.

LocalCooling could definitely do a considerably better job of it than it does, though. I hope it does in future versions. At the moment all it does is let you join a “community” of people all vying to see how much power they can save. Which is good. But the actual power saving numbers are pretty much random, and LocalCooling does not, currently, actually do anything of importance that you can’t do with plain unvarnished Windows.

All nerds worth their salt know about the Buran. It was the Russian Space Shuttle, that looked like a straight knock-off of the US original a la Concordski, but which actually had considerable improvements over the American horse-designed-by-a-committee.

(In this regard Buran was, arguably, also like Concordski, despite that aircraft’s distressing tendency to fall out of the sky.)

Buran wasn’t completely liberated from the stupidity of the Shuttle’s design. It still sat dangerously on the back of its giant fuel tank rather than in the obviously-more-sensible on-the-nose-of-the-tank position, despite the fact that it didn’t have the rear engines that force the Shuttle to be where it is, getting smacked by foam and blown to bits by booster failures.

But the Buran was still better. The Soviet Shuttle program didn’t get off the ground, but the hardware was just fine.

Anyway, six years ago I was working at the end of Darling Harbour (I didn’t stay there a lot longer…), and was reviewing the then-remarkable, now-pointless Sony Mavica MVC-CD1000 digital camera (it used 77mm CDs for image storage, which was a good idea when a megabyte of memory card cost five bucks, but is ridiculous now that the price is three cents).

And someone came along and parked the OK-GLI Buran aerodynamic test vehicle next to my office.

So I took a picture of it with the Sony…

…and here that picture is.

Click for the full sized version, complete with antique EXIF headers.

After this, that poor old bird got dragged all over the place, and has I think been stuck in Bahrain for some time now. OK-GLI is, however, apparently eventually going to take one last boring sea-and-land trip to a German museum, where it can rest in peace with a Concorde, a Concordski, an enormous Cock, and lots of other neat stuff.

My very good friend Peter at BlueTomorrow has, in our little tiff, adopted the any-publicity-is-good-publicity, bring-it-on-you-little-wusses attitude.

UPDATE: And now he's un-adopted it again. A cynic might suggest that this is because it really, really didn’t work. A starry-eyed believer in the fundamental goodness of the human nature, like me, would take him at his word when he says that he was only asking, not demanding, when he talked about lawyers and Ceasing and Desisting.

Anyhoo, on with the post as it was a few hours ago. Don’t feel obliged to actually do any Googlebombing now.

It strikes me that this is not entirely wise, when your online identity is tenuous enough that the first Google hit for your name is a link farm and the fourth hit for your site name is a PageRank 0 site.

(And yes, that’s a wiki, but don’t be lame and vandalise it.)

When you’re in this situation, you’re a large and soft target for Google bombing. That snarky letters page of mine is going to bubble up the search rankings well enough all by itself, but it won’t take many other people putting the strings “BlueTomorrow” and “Peter Manzella” on their sites for those sites, and the other sites they link to, to swamp the feebly ranked current results.

With any luck Sad to say, but people searching for Peter’s name will, quite soon, have a hard time finding any information about him except the fact that he once alleged a chunk of rampant suckery to be fine journalism, and pissed off some guy in Australia.

[As I write this, a few days after this post first went up, my letters column is Google’s #2 hit in a search for “bluetomorrow”, and I am now officially the Internet’s number one authority on Peter Manzella!]

I’ve never done this kind of Google experiment before. It’s nice to have a deserving target.

(Well, it is until they sue you, anyway. Peter made a vague legal threat, then very rapidly changed his mind, apologised nicely, and now we’re all friendly-like again. It was by far the fastest such cycle I’ve ever encountered, and I’ve done this sort of thing a few times now.)

First, there were Pikashoes.

Then ELECTRi-FRiED.

Now, behold: ELECTRi-FRiED II!

You know what I did for, oh, about sixteen straight hours, a few days ago?

I hunted adware.

I’m so ashamed.

I ran one little program I shouldn’t have. Firefox 2.0 did actually give me its “dude, I really wouldn’t download stuff from here if I were you” warning about the site, but I did it anyway. I trusted the file to be harmless just because a couple of virus checkers said so. In the adventure that followed I found out about an “online malware scan” page that lets you submit any file for easy multi-checker analysis - not that that would necessarily have helped.

Anyway, that’s all I did. Executed one little program, saw one brief flicker of a command prompt window, started my descent into heck.

Because one little slip like that is, of course, enough to allow the corpsefelching murderbait who make their money by frightening grandmothers into paying for things like System Doctor and WinAntiVirusPro to leap upon my computer in much the same quivering, sweaty way that I imagine they leap upon small children. And, needless to say, their own mothers.

All I got were adware pop-ups and a few dumb-ass toolbars and such desperately attempting to install themselves, but this nuisance-level problem was extraordinarily persistent.

I’m sure some of you are familiar with the symptoms. You run one or another spyware killer, and it finds various problems and gets rid of them (the mania of anti-spyware programs for describing 90% of all known cookies as a screaming-klaxon “infection” is a subject for another day…), but you know you haven’t actually dealt with the problem, because weird-named DLLs and EXEs that you can’t delete keep popping up in windows\system32. And crap in the registry matching those files’ names, of course. You can delete the registry entries, but they always come back, as do the files, if you or your spyware-killing software manage to delete them.

I have, however, finally gotten rid of the problem, by using an excellent tool that I didn’t previously know existed. This is probably the outside scoop for most of you, since my skillz are sufficiently 1337 that I haven’t even had to think about installing any sort of anti-malware app since Ad-Aware was the one and only option (digression: Word, Ray!). But perhaps you haven’t been keeping up with the malware/anti-malware arms race for the last couple of years either, and I been suffered The Curse of 1001 Reboots for a couple of days, so I figure you all ought to share some of the pain.

What I tried before I found the one tool that worked:

Spybot-S&D, which successfully spotted all of the crap being dropped, but did not spot the dropper, so it all kept coming back.

Ad-Aware, which doesn’t seem to be much use any more.

Windows Defender, which was worthless. Windows Defender used, of course, to be GIANT AntiSpyware before Microsoft took it over, and people spoke well of that, so I can believe that it’s useful for something. Didn’t do dick for me, though.

The Ewido online scanner. Which found something, I think, but didn’t fix the problem. I have no clear memories of it, since I was hitting my head on the desk pretty hard around then.

Oh, and the Trend Micro online spyware scan, which I gave up on after it had been running for twenty-six hours without finishing.

Avast and AVG, neither of which noticed anything. They’re antivirus programs rather than spyware/adware spotters, but these categories are blurring together.

HijackThis, over whose logs I diligently pored. I knew what every single thing in there was, and not one process had anything to do with the churd-gobbling malware.

A Knoppix boot disc, which didn’t help much because it can’t write to NTFS disks.

A BartPE boot disc, which was more useful, but still didn’t really get me anywhere. You can install anti-malware programs as plugins for BartPE, but they generally don’t work very well, because they look for malware on the running system. That, of course, is the clean BartPE environment from which you just booted, rather than the dirty hard disk Windows install from which you just didn’t.

If you’re dedicated enough to put together a BartPE disc containing a registry editor that can load a registry other than the one it booted with, then you can boot BartPE and load the registry from your hard drive and screw around with it. But this was starting to seem like entirely unnecessary effort to me, because I was going to find the people responsible for the spyware and do something to them with, oh, I don’t know, maybe a salami slicer, after which I would presumably be put somewhere where my computer would not be available anyway.

Booting BartPE or some other NTFS-capable alternative OS allows you to look at the files created by the malware when they’re not multi-locked by important Windows processes (you can only unlock such files by killing those important Windows processes, and then your computer’s broken and can’t go on to actually do whatever it was that you wanted to do to the now-unlocked files). Looking is about all you can do, though; if you delete them they’ll come back when you restart, and many of them are automatically deleted by the spyware as the system shuts down, anyway.

Various spyware uses this horrible strategy now. It’s like a highly evolved version of the old Robin Hood And Friar Tuck story.

Oh, and in case you’re wondering, yes, I booted into Safe Mode. Oh, boy, did I boot into Safe Mode.

I became quite intemperately angry about all this. My computer is, to a large extent, where I live. Many crapware victims are fairly mystified by even a perfectly working computer and so aren’t necessarily especially irked when windows advertising fraudulent antivirus programs keep popping up, because hey, that’s just one more thing they don’t understand.

When you do understand and expect the correct behaviour of your computer, though, this sort of thing is like someone breaking into your house just to piss on your bed.

And this crapware may be as persistent as herpes, but apart from that it’s not even well written. One of the pop-ups I kept getting was a series of Firefox tabs (which probably wanted to be Internet Explorer windows) that were obviously getting their “URLs” from some file that wasn’t being parsed properly. The result was an attempt to open this, and some other HTML header stuff that Firefox I’m Feeling Luckied into http://www.xhtml.com/en/xhtml/reference/, http://www.strict.com/ and http://www.5,.com/.

This made it feel as if the person who kept breaking into the house and pissing on the bed was doing that because he actually wanted to steal the TV, but did not know what a television looked like.

I suppose if you investigate spyware for a living you build up some tolerance for the sheer subhuman exterminability of the people responsible. But I’m not quite there yet. You strap ‘em into Old Sparky, I’ll throw the switch. Or, more realistically, join the queue for my chance to do so.

Anyhoo, after all this, I stumbled upon Prevx1, when I searched for the name of one of the numerous strange DLLs that kept appearing in my system32 directory.

(Malware writers don’t yet, at least, seem to have figured out how to give their files misleading dates. So if you order files by Date Modified, you can easily see the ones that were created on the day when your computer got the clap.)

Prevx1 is a commercial product, but it’s got a fully functional trial period - it’s not one of those stingy programs that scans for ages, finds a long list of scary problems, then tells you you’ve got to pay if you want them fixed. It brings to malware-hunting the collaborative user-network approach that’s already been employed in spam-fighting. This approach only works better than the traditional kind of virus-definition-file system if you’ve got a well-connected network of users, but Prevx1 does.

And Prevx1, finally, worked.

It cleared that adware right up, leaving one still-mildly-locked but easily deleted file, and a few deactivated files and pointless registry entries, plus their symptoms like an unconnected Add/Remove Programs entry for some toolbar or other. Oh, and a few more of those cookies that Spybot and the rest think are such a big deal. CCleaner tidied most of the unconnected registry garbage for me.

Anyway, if I’d tried Prevx1 first, none of the other crap would have been necessary. A regular user would be happy with the unadorned result of the Prevx1 scan.

Without Prevx1, though, it would have been damn close to impossible to clean the computer from this one, single, 28-kilobyte-file-induced infestation, without formatting the boot drive and reinstalling.

Since Prevx1 managed to fix it, I presume someone with spare time, an outboard registry editor and a few Sysinternals tools could have done the same thing. That rules out most of the people who’re paid to clean up spyware for others, though, and sure as hell rules out nearly every plain old user who would like to clean their own computer.

Plenty of spy/ad/whateverware infestations are less horrible than mine, but I’m willing to believe that a lot of them are a great deal worse, given the enthusiasm of ordinary users for (a) sticking with the default Windows root access and (b) installing every darn thing they see, just to see whether the little Desktop Stripper will get it on with BonziBuddy and the Crazy Frog.

In the olden days, support people who just told callers to reinstall Windows were taking the easy way out. They may have had to do it, given the number of callers they had to get through, but reinstalling was still not by a long shot the optimal recovery strategy for almost any problem.

These days, though, I think it’s quite likely that many spyware infestations just can’t be fixed by any means less annoying than nuking from orbit. Prevx1 fixed mine, and perhaps it’ll go from strength to strength and become the go-to guy for all such problems for the foreseeable future, but I wouldn’t bet on it.

Given this fact, and also given the vast amount of time wasted and pain caused by crapware of all kinds, I suppose it would still be uncharitable of me to suggest that the persons responsible could benefit greatly from, say, having a glass turkey baster jammed up their penis, which could then be struck smartly with a club hammer.

I’ve had a while to develop some perspective now, though, and I’m afraid I really can’t see another way.

UPDATE: As I mention here, Prevx have a malware database which you can search by filename.

Herewith, a thingy to do that from here:

I was pleased to hear from Avery Morrow, the author of the ClumsyFingers extension that turns off the questionably helpful auto-address-completion feature in Firefox without making you fiddle with the browser’s guts.

Yea, that extension doth now work with Firefox 2, and verily, it saveth me from attempting to visit such popular URLs as http://www.ebay my search string goes here.net/.

Three cheers for Avery!

You Only Live Once is a tiny little roguelike game, pared down to the bare essence of the genre, but significantly different in ways that can’t be explained without spoiling the fun of playing it.

It started out as a Seven Day Roguelike, but has had a bit more development (read: debugging) since then.

It strikes me as an excellent way to give someone who’s new to roguelikes a look at this strange old kind of game, without scaring them to death with the vastness of the big names.

They’ll still have to get used to dying, though. Fair enough; this is a roguelike, and you’re warned right there in the title.

(The title, by the way, will probably seem rather clever to you once you’ve played the game.)

A while ago, the Make: magazine people told the world a neat little circuit board kit that plays a four-by-four version of Conway’s Life. The kit’s made by Dropout Design, one of the front-runners in the recent nerd-craze for LED-lit disco dance floors.

It was, regrettably, not actually buyable at the time, but it is now. $US19.99 from Make or, ahem, ten bucks from the manufacturers.

Four-by-four Life is kind of like four-square Tic-Tac-Toe, but the boards can be linked together at the edges to make a larger playfield - and you could presumably use long wires to link the edges of your playfield to each other for some good old toroidal wraparound action.

The docs (PDF) don’t explain how the cells actually get populated in the first place, but this is the sort of things that I presume they’ve, you know, thought of.

A more serious problem is that making a reasonable sized playfield would get expensive pretty quickly. A mere 64-by-64-cell field would cost more than $US2500.

Those of us without the money to cover a wall with Life boards may prefer to try the disturbingly complete Mirek’s Cellebration, which plays Life and just about every other cellular automata anyone’s thought of, probably including the rules which will turn out to govern the behaviour of quarks.

(Note also that the Life “Glider” is the Universal Hacker Emblem. I’m not entirely sure that I’d want to be represented by something that tears off in a straight diagonal line to nowhere until it dies, but the Glider certainly is an excellent nerd shibboleth.)

Side note: I’ve found two games in which Life is an easter egg. ADOM’s herb bushes obey Life rules, and so does the fungus in Populous II.

This can be used to devastating effect in both games. Create an R pentomino in either one, and you’ll be rolling in herbs in the first game, and turning the entire population of an area into wet sucking sounds in the second.

Anybody know of any other hidden Lifes?