From: Jack Ganssle [jack@ganssle.com]
Sent: Tuesday, February 17, 2004 3:11 PM
To: embedded@ganssle.com
Subject: The Embedded Muse 93


The Embedded Muse

------------------------------------------------------------
Embedded Muse 93    Copyright 2004 TGG      February 17, 2004
------------------------------------------------------------
You may redistribute this newsletter for noncommercial purposes. For 
commercial use contact info@ganssle.com.

EDITOR: Jack Ganssle, jack@ganssle.com

CONTENTS:
- Editor’s Notes
- Redefining C’s Operators
- MyDoom and Spam
- Jobs!
- Joke for the Week
- About The Embedded Muse


Editor’s Notes
--------------
The Embedded Systems Conference is next month in San Francisco. I’ll be 
teaching a class about Managing Embedded Projects on Monday March 29th. 
Tuesday I’ll moderate a Shop Talk discussion called “The Future of 
Engineering in an Outsourcing World” (from 7:15 AM to 8:15). The conference 
is always a fun time; do come by and say “hi”.

My assistant’s valiant web-work is paying off; now the long-neglected 
“articles” section of <http://www.ganssle.com/>http://www.ganssle.com is up 
to date. Even better, the articles are sorted by category and title.

We’re talking about hosting a public Better Firmware Faster seminar in the 
near future, though the press of the onsite seminars and too many other 
projects keeps pushing this to the bottom of the pile. But we’ve put a poll 
on the website to allow folks to vote for the best location for the next 
public class. Feel free to cast your vote at http://www.ganssle.com.

In Muse 92 I suggested logging your interruptions. Bob Paddock sent in this 
link (<http://www.syntap.com/>http://www.syntap.com/); it’s for a 
time-logger that looks simple and very effective.

Thanks to so many who sent in debouncing algorithms. I’m drowning in email 
but am looking at each carefully.


Redefining C’s Operators
------------------------
Chester Page sent along a bit of wisdom that’s useful for many of us. I’ll 
just quote his email here:

Back in EM85, you noted that several people had suggested putting constants 
on the left side of compares, so that the compiler would honk if <=> was 
used instead of <==>, with the aim of reducing the risk of inadvertently 
altering a variable when intending to compare it.

Well, yeah...  Fine, if one of the comparands happens to be a constant.

There's a more general fix for this problem, which is so obvious that I 
expected that dozens of people would instantly bring it to your attention, 
and that you would pass it on. As I haven't seen mention of it in later 
EM's, I'm bringing it to your attention myself, just to be sure that you've 
seen it.

About the 4077th time I mashed a C program by typing <=> when I meant <==> 
-- no doubt from having been corrupted by writing a lot of code in BASIC, 
with its promiscuous use of <=> for both assignment and comparison -- I 
decided that I just didn't like using <==> in the first place -- both for 
aesthetic reasons and because it was too similar, visually, to <=> -- and 
that I would thereafter -- no doubt from having been corrupted by writing a 
lot of code in FORTRAN -- use only <EQ> and its siblings for 
comparisons.  Thanks to C's much-maligned <#define> statement, this was 
trivial to implement:

  #define EQ ==
  #define GE >=
  #define GT >
  #define LE <=
  #define LT <
  #define NE !=

This makes a comparison very conspicuously a comparison.

After having to maintain a lot of my own legacy code for a while, I decided 
that the most important function of source code is not to describe an 
algorithm to a compiler, but to describe the intent of the program to the 
next person who has to deal with it, and that making a program maintainable 
is more important than making it any faster or as smaller than necessary, 
and infinitely more important than being concise in the source 
implementation.  For this reason, I never, ever, write a comparison that 
does not contain an explicit comparison operator:

Always

  if ( i NE 0 )
  {
  }
and never

  if ( i )
  {
  }

and even

  if ( BooleanVariable EQ TRUE)
  {
  }

As I said, all this is obvious:  I know several other programmers who have, 
entirely on their own, come up with the identical fix.  But it is perhaps 
still worth passing on.


MyDoom and Spam
---------------
Though this isn’t an embedded topic, it’s surely relevant to all of us 
using the Internet. I’m passing along my Internet Strategic Defense 
Initiative, in case some may find it useful.

Email is a great resource, but lately spammers and virus writers are 
crippling it. The statistics are appalling: something like 60% of all email 
is spam.

I’m averaging about 1000 spams per day now. MyDoom adds another couple of 
hundred messages, both from the virus itself and bounce messages from 
anti-virus programs that mistakenly believe they’ve received the virus in 
an email from me.

Some time ago I installed spamassassin 
(<http://www.spamassassin.org/>http://www.spamassassin.org) on my Linux 
server. By tuning its rules and being aggressive with the blacklist it’s 
about 95% effective at catching spam.

Some people like various PC-hosted spam filters. While traveling I usually 
am stuck with dial-up (or, this summer while sailing, an unreliable 9600 
baud satphone connection), so it’s important to me that most of the spam 
elimination happens on the server itself. Downloading 1000 spams before 
filtering would drive me mad. Spamassassin fills the bill precisely.

Spamassassin tosses spam into a file named “caughtspam” in the /home 
directory. Worried about false positives I wrote a rather long script that 
analyzes caughtspam. It applies a hundred or so tests to each spam, 
filtering out those that are obviously unwanted. Duplicate messages, those 
that contain the usual spamsy words, those from known spammers are all 
rejected.

Feel free to download and use the script from 
http://www.ganssle.com/misc/spam-chk.

Other messages that don’t fit the profile of these rules are stripped 
apart; my script generates a file of From: addresses and Subject: lines 
that I review from time to time, searching for emails spamassassin 
incorrectly filtered out. Some 5 to 10% of the spam in caughtspam winds up 
in this manual review file.

After a year of this – and a quarter million spams – spamassassin has NEVER 
tagged a false positive. Though it leaks some spam to me, it never 
incorrectly identifies a good email as spam. So I no longer run the script, 
and just delete caughtspam from time to time.

But MyDoom flows right through spamassassin. There’s little that’s 
spam-like about this bit of nastiness. The message is rather random and 
benign, and the return addresses are usually valid. MyDoom raids infected 
machines’ address books, using these addresses as return addresses, so if 
you apparently get the virus from a friend, rest assured that the odds are 
your pal didn’t send the virus. It came from someone else, a poor sod whose 
address book contains your friend’s email address.

<mailto:jack@ganssle.com>jack@ganssle.com is apparently in one heck of a 
lot of address books out there, because I’ve been flooded recently with 
bounce messages from anti-virus software that accuses me of sending this beast.

It’s not coming from me! My computers are insulated from the ‘net by a 
hardware firewall. Its logs show a half-dozen port probes per minute, but 
every port is closed so none get through. Each machine runs a software 
firewall (Zonealarm, from http://zonealarm.com).

I won’t allow a machine in the front door if it has Outlook installed, 
since Outlook is the prime victim of attack by (curse them!) scumbag virus 
writers and immature pimply-faced script kiddies. We do run Windows on the 
client machines, and have found XP to be quite reliable. Obviously there 
are other less-targeted OSes around. But other business concerns mandate 
Windows.

We use Eudora, and have configured it to put all attachments in a special 
directory used for nothing else. No attachment over 30k is automatically 
downloaded, as most viral payloads run around 100K or so (except MyDoom, 
which is fiendishly small at 32k). That makes for a few extra clicks when 
there’s a safe attachment, but safety is worth the small additional effort.

Norton Anti-Virus, updated automatically whenever Symantec comes out with 
new profiles, scans every incoming email. It runs a full system scan every 
evening as well. (The buzz is that the free AVG from 
http://www.grisoft.com/us/us_dwnl_free.php works well, too. Consider it if 
you’re reluctant to spend annual subscription fees for commercial AV 
software for the kids’ computers).

On the road I’m reluctant to plug into hotel Ethernet ports. Zonealarm does 
a great job keeping the laptop safe, but those public wide bandwidth links 
are notoriously problematic. One friend’s computer – which didn’t have a 
firewall - was attacked and the hard disk wiped within 10 minutes of 
plugging in to the hotel’s Ethernet at a recent Embedded Systems Conference.

Every Monday I run Spybot (http://www.safer-networking.org/) to search out 
and remove spyware. Internet Explorer invites an awful lot of this, but 
Mozilla rejects virtually all. It’s astonishing how much spyware comes 
pre-installed (for our convenience?) when you buy a new computer.

The result: we’ve been virus-free for the last five years.

The upshot of all this is that if you send me an email and don’t get a 
response pretty quickly either spamassassin, my extra filters, or a 
careless click-delete when my blood pressure is up because I’m deleting all 
of the MyDoom debris is to blame. Try again.

And if you get MyDoom from me, I apologize, but it’s is actually from 
someone else. The virus is spoofing my return address. May those dratted 
virus writers rot in a dank rat-infested dungeon somewhere…


Jobs!
-----
Let me know if you’re hiring firmware or embedded designers. I’ll continue 
to run notices for embedded developers as long as the job situation stays 
in the dumper.

Megger in Dallas is looking for a key team member who can hit the ground 
running on the design, development, integration and test of a CE platform 
and device drivers for a CE-based test device. Candidates must have a BSEE 
or BSCE degree with a minimum of 4 years related experience, a minimum of 2 
years Windows CE platform and driver development using Platform Builder, 
and excellent written and verbal communication skills. U.S. Citizen or 
permanent resident - no H1-B visa sponsorship. Email resume to hr@megger.com.

Zebra Technologies in Camarillo, CA is looking for a Senior Firmware 
Engineer to lead and work on complex firmware routines and algorithms. 
Hardware design background helpful; C, C++ and some assembly required. 
Email rgibson@zebra.com


Joke for the Week
-----------------
The latest Mars mission inspired this one:

The Spirit is willing, but the flash is weak.


About The Embedded Muse
-----------------------
The Embedded Muse is an occasional newsletter sent via email by Jack 
Ganssle. Send complaints, comments, and contributions to me at 
jack@ganssle.com.

To subscribe, send a message to majordomo@ganssle.com, with the words 
"subscribe embedded email-address" in the body. To unsubscribe, change the 
message to "unsubscribe embedded email-address". BUT - please use YOUR 
email address in place of “email-address”.

The Embedded Muse is supported by The Ganssle Group, whose mission is to 
help embedded folks get better products to market faster.