rlucas.net: The Next Generation Rotating Header Image

[BUG] ActiveRecord woes with SQL Server odd names (spaces and brackets), ntext data types

ActiveRecord (latest versions of ODBC, DBI, and AR as of today
2005-12-01) seems to be having trouble with at least two things that
SQL Server 7 does:

1. The SQL Server adaptor (sqlserver_adaptor.rb) get_table_name sub
expects a name to have no whitespace in it.  The conditional and
regex need to be changed to look for bracketed names like [Poorly
Designed Table].  Then, the columns sub needs to know to take the
brackets off the ends of the names when it looks up the table by its
textual value.  To complicate this, according to
http://msdn2.microsoft.com/en-us/library/ms176027.aspx you can have
either double-quotes or square brackets as your delimiters in SQL
Server names, and you can even escape brackets by doubling.  I
have written hackish code that solves for simple [Dumb Name] tables but
not the whole enchilada, so I'm not posting it here yet.

2. The data type “ntext” seems to create memory allocation problems; I get an error of:

/usr/lib/ruby/site_ruby/1.8/DBD/ODBC/ODBC.rb:220:in `fetch': failed to allocate memory (NoMemoryError)

Running this on CYGWIN_NT-5.1 RANDALL-VAIO 1.5.19s(0.141/4/2) 20051102 13:29:13 i686 unknown unknown Cygwin on Win XP Pro.

WORKAROUND: Excel for Mac toolbars "trapped" off the screen

If you hook up an external monitor to your Mac OS X machine and run Excel 2004 for Mac on it, you might move your toolbars completely or partially over to the second desktop area. If you then remove the external monitor, it is possible for the toolbars to get “stuck” such that only a corner (like the resizing corner) is visible. You can resize them, but not move them back onto your main screen.

You can try to use “Reset” in the View:Toolbars:Customize Toolbars/Menus, but that doesn't work. There's some other reset-to-defaults choice somewhere that I tried (and can't find now) that didn't work either. Quitting and restarting does nothing.

Try going into your home directory (/Users/username) and nuking this file:

/Users/username/Library/Preferences/Microsoft/Excel Toolbars (11)

Upon restarting Excel, they were back to normal location. Problem solved (except for the braindead engineering).

[BUG/WORKAROUND] Microsoft Outlook 2003 / XP can't import vCard notes field; Entourage on Mac can

I am trying to sync my contact information between apps and machines. Here are my absolute, non-negotiable requirements:

with” means I can round-trip in the given format — not necessarily
that it is native, and it's OK if I have to use a tool or a script
intermediary since I'll be scripting this stuff anyhow.)

1. Works with Outlook.

2. Works with Address Book on Mac.

3. Works with abook from the command line.

4. Is editable text in case I need to switch platforms, or do revision control, or any of a host of things.

was good with some kind of cobbled-together vCard solution, until I
discovered that MS Outlook 2003 on Windows XP could export note:
fields in .vcf files (oh, and insult to injury — there is no “Export”
option to vCard, you have to do some right-clicky nonsense or else
highlight all your contacts and “Forward as vCard”) but would not
import those same notes!

Outlook does not round trip a fully-spec'ed RFC standard?!?! What the hell?

(?) my workaround is to use MS Entourage for the Mac, which will
round-trip appropriately and sync itself with the Exchange server at my
work.  For those who cannot, perhaps there is a VBA
solution.  If you have one, please comment; I will update if I
discover how to get Outlook 2003 to accept the notes fields.

Migrating to new rlucas.net domain for most blogging

Gentle reader,

This server has gotten so slow,
probably thanks to Philip's blog, that
I have finally decided to put up my own server elsewhere.  Other
reasons are:

  • I can't use vim here to edit my entries.
  • I hate the HTML munging that this blog software uses.
  • Despite
    the PageRank boost of the .harvard.edu domain, I have decided to opt
    for the branding aspect of my long-time username, rlucas, which has
    been the local part of my Internet email address since 1993 or

And so, I am putting on hold this, my
Berkman blog.  I do intend to keep using it for Harvard-specific
things, on occasion, but my technical notes and, newly, my startup and
VC related dispatches, will be found from now on at my rlucas.net blog.

Class::MethodMaker v2 dies with cryptic "Unknown error" in compilation with bad arguments to use / require

If you use Class::MethodMaker and have a subtle error in your

use Class::MethodMaker [ whatever…];

line, such as not quoting a bareword, you can end up with this error:

Unknown error
Compilation failed in require.
BEGIN failed–compilation aborted.

If this happens, scrutinize your “use” lines and especially your C:MM line.If you use Class::MethodMaker and have a subtle error in your

use Class::MethodMaker [ whatever…];

line, such as not quoting a bareword, you can end up with this error:

Unknown error
Compilation failed in require.
BEGIN failed–compilation aborted.

If this happens, scrutinize your “use” lines and especially your C:MM line.

[FIX] Adobe Reader v.5 fails to open PDF with "There was an error opening this document. A temporary file could not be opened."

If you see “There was an error opening this document.  A temporary file could not be opened.” when trying to open a PDF file, you may need to clean out C:Documents and SettingsUSERNAMELocal SettingsTempAcr*.tmp

Cheers to “gprellwitz” who suggests this here:


Jeers to the MSFT developer who decided that “Documents and Settings” with spaces and mixed caps was a better home directory prefix than “home”

[HOWTO] Getting your profit-sharing plans rolled out of Fidelity's non-prototype retirement accounts as qualified distributions to separate IRAs or 401ks.

If you are a small business with a Profit Sharing Plan / defined
benefit plan set up through an independent benefit advisor firm,
someone may have counseled you to set up your investments at
Fidelity.  They will create a “Non-prototype retirement account”
in the name of your Profit Sharing Plan trust.  You can make
trades and do what you will (although as of late they refuse to let you
buy funds that have even potentially a short term sales charge, which
really drastically limits you) and it's all for the big pool of
money.  As a “non-prototype” plan, Fidelity washes their hands of
the actual record-keeping of who is owed what and how much is vested to
whom, etc.  That's why you're paying your independent benefits
advisor all those fees each year, right?

When you discover that the costs invoved are so high as to cut
seriously into your returns, you'll want to dissolve your profit
sharing plan and distribute the assets among the beneficiaries so each
can put his funds into a low cost IRA.  Your advisor will have you
prepare corporate resolutions to that effect and tell you to distribute
the funds payable to the IRAs or 401ks of the beneficiaries, so that
they are qualified rollovers and so nobody has to withhold taxes for
the IRS.

Try telling that to Fidelity.  If your experience is like mine,
they'll have no idea, then check on things for you.  They'll come
back and say that they can make a check payable to the Trustees, to the
Plan, or they can do a qualified rollover to Fidelity.  They will
swear up and down that they can't send the money to a “contra FI”
(another bank).  They'll transfer you to “Retail Distribution,”
who will tell you that they can only pay out to the order of the
trustees, and that maybe you could have your trustees all sign the
check and then cash it at a bank, but that oh, yes, maybe, I suppose
you could get checkwriting privileges on the Fidelity account
itself.  If you are unlucky, you might try to do this.

However, if things get more and more fubared on your phone call, you
might get transferred to “Retirements Department” where someone puts
you on hold two more times to research and then discovers that yes,
those things mentioned above (only payable to the trustees or via a
Fidelity rollover) are trueish but there is one magical thing to do
otherwise, that will without any fee, cause the funds to be sent to the
new banks and the new IRAs, and that is this.

Prepare a letter containing these magical 5 elements:

1. Direction to Fidelity to make a check payable to “Contra FI FBO
Employee Name Account” (e.g., “Vanguard Funds FBO John Smith Rollover
IRA”), in an exact dollar amount, and with the address to which to send
that check.

2. Certification by the trustees that the distribution is an “eligible rollover distribution.”

3. Statement that the trustees assume all responsibility for
record-keeping for the plan assets and for reporting the distribution
to the IRS for tax purposes.

4. Statement that the trustees indemnify and hold Fidelity harmless for
any liability with respect to processing the direct rollover.

5. Original signature with a bank's signature guarantee from EACH of
the trustees (each must take the letter to the bank and sign in their

Send this mystical incantation, the specs of which are not available to phone reps or on the web site, to:

Fidelity Investments
Attn: Distribution Services
PO BOX 770001
Cincy OH 45277-0035

To their (sort of) credit, they had previously hinted to another
trustee that they needed a “distribution letter,” but did not mention
the 5 requirements, and when I called back to ask about it, had to put
me on hold 6 times and transfer me twice to get me the magical list of
things to do.  My cell phone is now almost out of batteries after
nearly 40 minutes on the line with them.  They were certainly
polite about the whole thing but it does seem a bit disingenuous of
them to keep insisting that we roll into Fidelity IRAs and “forgetting”
about this handy exception.

Of course, if you do this, you had better be damn sure that your p's
are crossed and your q's are dotted with respect to telling Uncle Sam
about the whole thing since Fidelity has now washed its hands of you.

Enjoy your new, rolled-over, low-overhead IRAs and 401ks!

[WARN] MD5 sums irredeemably broken

The MD5 hash function is dangerously unusable at this point.  I
was under the impression, casually following crypto over the last
couple years, that it was weak but likely “good enough” for
non-military, non-banking types of applications.  Dead wrong.

There are now known attacks — and doubtless toolchains for specific
exploits — that permit creating two completely different (but valid)
pieces of plaintext that generate the same MD5 sum.

See http://www.doxpara.com for an example of two mocked-up HTML pages,
one for “Lockheed” and one for “Boeing,” that share the same MD5 hash

See also Wikipedia's MD5 entry (which does not NEARLY sufficiently raise the alarum on this) at http://en.wikipedia.org/wiki/Md5

You might pooh-pooh my admittedly somewhat superficial take on this,
but ignore me at your peril: bad guys are doubtless developing toolkits
for creating two docs, one legit, one malicious, that share the same
MD5 sum.

Bottom line: time to use SHA1 (for a while until someone figures out
how to do the same thing).  Simple enough on debian; “sha1sum” is
in coreutils and is a seeming drop-in replacement for MD5 sums.

Unwire Portland (OR) Project: Public benefit through the "drinking fountain" model

Portland, Oregon is working toward a citywide, privately-operated
wireless network, under a public-private partnership model that
leverages city rights-of-way, among other assets, in return for certain
“public benefits.”  I strongly support this effort (the “Unwire
Portland” project).

The issue at hand is that the currently-proposed public benefit
structure is to create a “walled garden” of hand-picked sites that will
be freely available to the public.  A few moments' reflection
should alarm the reader: who will pick these sites, using what criteria
and what process for review, etc.?  Who will get sued when someone
inevitably disagrees with the choices?

My answer to these concerns is to do away with the “walled garden” and
in its place put a “drinking fountain” model, where each passerby may
take a small “trickle” of an unrestricted Internet connection for free.

I have put together a document supporting the adoption of the drinking fountain model here: http://rlucas.tercent.com/wifi.html

Your comments and suggestions are welcome.

[BUG] Mail::Mailer, Mail::Internet, and MIME::Entity fork / eval oddity

The Perl module Mail::Mailer, and those modules that rely upon it (at
least, Mail::Internet and MIME::Entity), have an undocumented fork that
can wreak havoc with your code if you call the send() method within an
eval {} block.  The solution is to either be very anal about
checking for PIDs or to use a different means for sending your
messages, like MIME::Lite.

Briefly, the problem is that the sending procedure forks, using the
open(“|-“) idiom to create a filehandle for writing to the child, which
immediately exec()'s a sendmail (or whatever) process.  The parent
returns the filehandle, to which is printed the message; the filehandle
is then closed for final sending (this is all hidden in the
Mail::Internet and MIME::Entity classes' send() method).  However,
if you are running in taint mode with an insecure path (for one
example), the exec() will fail in the child and will die.

If you were running this in an eval {} block, and didn't account for
the possibility of a fork within the eval{}, you could find that both
code paths — the success AND the failure code blocks — get
executed.  Since this is often done for db transactions or other
things that might be shared external resources, this could lead to some
nasty race conditions.

In defense of Mail::Mailer, it is *technically* the job of the coder to
check on forks, but this argument ad absurdum would have every line
that calls module code wrapped in an elaborate eval with checking of
the PIDs.  Clearly not OK.

I have explained this bug and opened it up to discussion on
perlmonks.org, at http://perlmonks.org/index.pl?node_id=459739 and have
reported the bug in Mail::Mailer under the MailTools distribution at

The workaround at present is to either 1. obsessively check the PIDs
before and after the eval, or 2. use MIME::Lite, which appears not to
fork.  NOT a valid workaround would be to ignore this becaues your
exec() hasn't died yet or to turn off taint mode.