Tag: thoughts

I’m still reading Eternal Golden Braid, I have been on and off for maybe a year now and every few chapters gives me enough to ponder for a few months. I’m sure it’s part of the reason I’m so absent minded and mumbling to myself sometimes. Anyway here are a couple of thoughts I had.

The first was about chess. I always used to like chess, I thought it was a fun game but that was until I started to program. After coding for a while and learning how the various chess computers worked by brute-forcing the game I could only think of chess in those terms, as an amazing number of possible combinations that I was too small minded to hold in my brain. When you think of chess like that it seems pointless, I was saying to myself “There’s a move here which is perfect but I can’t see that far ahead, I’m just guessing”.

Anyway I’m happy to say I no longer think like that, if you read the book he explains how everything is made up of low level parts but there can still be meaning on a higher level. The example he gave was an ant colony, although made up of mindless ants functioned as a pretty advanced entity. You could say “Bah! It’s just a bunch of ants” but that would be ignoring what the colony achieves as a whole. Now I think although chess is ultimately made up of all these combinations of moves you can still think of it in higher terms like attacking that area of the board or protecting your queen. Suddenly it’s fun again!

The second thought I had involved the clash between logical people and for lack of a better term hippies. (Now depending on who you ask I fit into both groups so maybe I have a good insight.) Anyway I noticed how ‘hippies’ always came out with all this crazy crap about meditation and relaxing or not worrying and most logical people would just write it off immediately. The problem was that although a lot of the things they said where illogical, it seemed to work, they where relaxed with good posture and a positive happy frame of mind.

Now obviously excessive computer use plays a part in bad posture and illicit drugs might play a role in a happy frame of mind but there is still something there. I gave this a lot of thought and whilst reading the book I came to a realisation. When reading the example Kōans like “If you call this a short staff, you oppose its reality. If you do not call it a short staff, you ignore the fact. Now what do you wish to call this?” your immediate reaction is to reject it. The problem is if it leads to enlightenment maybe it’s worth dwelling on. I suspect the reason is you need something illogical to stop the recursion in your brain, you’re constantly thinking about thinking about what you just thought about and it’s impossible to get any peace. Although the Kōan is obviously junk if taken literally I think it helps you focus your mind away it can help you relax and could be a worthwhile thing. So I guess my point is maybe there is real value behind this stuff even though it ‘sound stupid’ maybe it’s not wise to judge so quickly. Maybe the logic is that there is no logic, maybe you can be a hippie with an analytical mind.

I can’t recommend the book enough, it has helped me understand a lot of things like this that have bugged me for a long time. I’m going to work through it several times until I understand every last bit.

Someone posted a comment to this blog earlier, looks like they where trying to use SQL injection to beat the spam filters or it may have been a real person trying their luck.

Anyway I find this stuff pretty interesting so I thought I would post the attack, here is what he posted:

Bill883205666','928884583billy@msn.com','','10.134.123.1','2008-06-14 08:04:27','2008-06-14 08:04:27','','0','lynx','comment','0','0'),('0', '', '', '', '', '008-06-15 08:04:27', '2008-06-15 08:04:27', '', 'spam', '', 'comment', '0','0' ) /* | None | IP: 124.217.227.127

I think it’s pretty clever how he tries to make the SQL post his message with a fake IP address, I’m also really curious why he takes the trouble to add a fake spam comment to the end of the query.

Doing a reverse lookup of the IP address it seems to be someone’s server / hosting with a shared IP from svservers.com. I guess this guy didn’t get his own IP address.

Results

124.217.227.127 resolves to “svservers.com”

Top Level Domain: “svservers.com”

Country IP Address: MALAYSIA Anyway that’s all for now, If anyone could explain more about what he’s up to I would be really interested to hear it.

Edit: My blog used to run Wordpress so this post made a lot more sense at the time. I now use CouchDB and comments are powered by Disqus anyway so it’s kind of doubly pointless

Edit2: I no longer use a database at all for the blog! Unfortunately in the transition the quotes from the sql have been munged somewhat, hopefully I’ve got them right…

I’ve been hacked, it looks like they got in through a Roundcube vulnerability and used my system as part of a DoS with kaiten.c. I have turned the server off completely for now. I’m part way through changing all my passwords and I will format the server tomorrow.

What a pain in the arse, at least it looks like script kiddies instead of anyone out to get me personally. Before I wipe the box I am going to have a look to see what they did, I will write it up if it’s anything interesting.

Rootkit hunter said the box is clean, anyone know of good ways / tools to see what the nob-head did?

- Dave.

Edit: It was my email server so if you don’t get a reply from me for a couple of days you know why.

I was in South Korea recently with work and I managed to get some time to explore before I flew home. I noticed that the average Korean interacts with technology differently from than the average Brit. My observations are mostly generalisations by nature but I thought they’d perhaps be of interest.

1. Koreans don’t generally use Google maps, they use a Korean map website I didn’t manage to write down the URL though. Google maps does work but a lot of the shops and things aren’t listed like they are in the UK.
2. Almost everyone has a smart phone here, even the “little old lady” you might meet in some random corner shop has no problem firing up a translation app. Young people especially are glued to them on the subway, you’d be better off counting the people not staring at one. It’s very rare to see anyone reading a paper book.
3. TV still seems fairly popular here unlike in the UK. You can watch it in some cars on your sat nav and even on some smart phones that have pull out antenna.
4. I rarely see people use tablet computers, I think they’re actually more popular in England.
5. iPhones seem pretty rare here, I suppose because Samsung is based in Korea. I would say Samsung/LG Android phones are by far the most common. I don’t think I’ve ever seen a Blackberry being used here.
6. Phone screens are much larger here, my phone (Samsung Galaxy Nexus) is considered pretty huge by UK standards but is actually probably smaller than average here. You couldn’t easily buy much smaller a phone than mine here. I’ve literally seen a 2 year old playing with a Galaxy Note 2. Some of the phones here (LG I think) have a more square aspect ratio, not all of them are long and thin.
7. Korean internet seems to be pretty good but not much different from ours. My colleagues got 100mb to their house, same as me. I found some of the connections I used surprisingly unreliable but I suppose that’s not much different in the UK.
8. Touchscreen interfaces to enter Korean characters seem very clunky. Tech-savvy taxi drivers almost always fumble trying to enter an address.
9. The Korean people seem to on average be much more open to embrace technology here. The technology itself doesn’t seem much different.
10. Facebook seems popular here like in UK.
11. Several Koreans I have met consider Korea number #1 worldwide in technology, internet, smartphones etc.
12. It’s quite common to smoke here but I’ve not once seen an electronic cigarette, in the UK they are becoming quite popular.
13. With online payments still tied to Active X things are seriously being hindered. A lot of people here seem to use an Android smart phone all day long but until things are opened up they would still need a PC running Windows, Internet explorer and ActiveX to perform online transactions… crazy!

Cheers, Dave.

The need for ergonomic keyboards is clear, and so far the only one is the Datahand.

It’s clear that a keyboard should be shaped to your hand if it has any chance of being ergonomic. In fact it should fit you like a glove.

Well that’s my idea, take some of those switches and wires that everyone currently uses to make stupid light-up t-shirts and apply them to something worthwhile.

Take a stretchy “one size fits all” glove, add switches to each finger tip and a usb cable and you could have a product BETTER than the Datahand for a fraction of the price.

Please someone take this idea and get rich, just give me a free pair of your new keyboard gloves.

Cheers, Dave.

So I decided to learn Python and Django in the hopes it would be a half way house between PHP and Lisp, letting me actually get stuff done whilst not being PHP.

My first impression of Django has been pretty bad, I bought the ‘definitive guide’ book only to find it was not so much definitive as obsolete. Also the amount of arbitrary seeming magic didn’t impress. Having said that I have passed through that and I’m beginning to get the hang of it.

Python on the other hand was different, to start with I HATED the look of the code compared to Lisp but after a few hours hacking it doesn’t seem that bad. For my first program I decided to solve this little puzzle. This great guide got me going quickly and along with a few small pointers from verte in the friendly seeming #python I came to a solution.

def draw_diamond(letter):
    alphabet = 'abcdefghijklmnopqrstuvqxyz'
    size = alphabet.find(letter)

    for x in range(size) + range(size, -1, -1):
        line = [' '] * ((2 * size) + 1)
        line[size + x] = alphabet[x]
        line[size - x] = alphabet[x]
        print "".join(line)

draw_diamond('d')

It didn’t take long, the code looks nice and most importantly I enjoyed writing it. I’m pretty impressed!

Currently webmail is broken, Squirrelmail looks old and dated, Roundcube got me hacked and Gmail isn’t opensource and on my server.

So here’s how to fix it, write a restful JSON API to perform all the functions like connecting, listing messages, sending emails etc. that works in the same way as CouchDB.

Next make a PHP theme to use this new API to create a Squirrelmail clone, another one for use from mobile devices and a third snazzy theme using just HTML and Javascript for desktop use.

The API could be written in anything but I suggest PHP just for practical deployment everywhere that Squirrelmail worked.

I would call it Davemail and lay it out something like this:

• davemail/api/* - for all the actual requests to access imap
• davemail/themes/* - for the different themes, one per directory that can be easily indexed dynamically so people can just chuck new themes inside and use them without any configuration
• davemail/config/ - Everything inside the config directory would get read by davemail for all the configuration details. That way it could just be a symlink to /etc/davemail/ or wherever. The files would set which imap server to use, login details, email domains accepted etc

Once Davemail takes off the API can be re-written in whatever language or with whatever optimization tricks that we might want in the future and all the themes will still work.

The first step is writing the API, I think we should start with the Squirrelmail IMAP includes and modify them to return the JSON expected.

Just a quick warning to any Linux users who are getting Virgin Media broadband installed.

The welcome website you put your details into when the connection is first hooked up actually checks if you are using Windows / Mac or not. If not you will get this error:

"Incompatible OS or Browser

To set up Virgin Broadband, your computer needs to use a recent version of Windows or Apple Mac OSX and have a compatible Internet Browser. It looks like your computer does not meet these requirements.

For further information please consult your set-up guide or give us a call on 0906 212 1111*.

* Calls cost 25p per minute, with a 10p connection fee from Virgin Media landlines. If you're calling from a mobile phone, or another network, the charge may vary."

Anyway the solution is easy, install tamper data and Under the “Tamper Data - Options” you can update the User-Agent to Internet explorer or Safari etc. which the website allows.

It’s a stupid check anyway really as to the computer it’s just an ethernet connection so why it would only work on certain operating systems is beyond me!

The last few days I have been working on a small scraper script. I’m going to Canada soon and I wanted an email alert to warn me when on-line Visa applications open. I wanted the script to email me a nice message to show me what’s changed on the page and it to log what’s going on for my piece of mind.

It took a few days, it ended up getting far too complicated. Instead of writing a little script in Perl I ended up writing this Lisp monster that uses a library to parse the HTML into a tree, code to search the tree which got pretty hairy!

It works though, but it’s so horrible I’m too ashamed to even post it here. I’m going to rewrite it using CL-PPCRE (searching for a block of text with regexp instead of parsing the HTML as a tree (hoping it works) and then having to deal with a tree).

It was a good learning exercise but a pretty clear example of KISS. Oh well…

- Dave.

I thought I would start off the blog with something hackery… The other day my friend asked me to help get back into her Myspace account. She had forgotten the old email address she used to sign up to the site.

My mission was to figure out the email and password used, login and then update her email and password to the new ones she can remember. All I had to go on was the rough structure of the email address, she remember it was a hotmail.co.uk address and the words used.

It was something like two words and a number but she couldn’t remember how it went exactly… e.g. herbert1wompom@hotmail.co.uk or herbertwompom@hotmail.co.uk or herbertwompom1@hotmail.co.uk or something similar. There where a few words and numbers she thought it probably was but she couldn’t remember the exact combination.

Anyway I figured the first step was to figure out what the exact email address was. I used the Myspace advanced search facility and started guessing combinations of the email address until a match was found. Eventually after 20 mins of guessing one of the email addresses linked to her profile so I was half way there.

Next I had to compromise the email account so I started trying to login to her Hotmail account with some of the passwords she thought it might be. After a while I realized that the email account didn’t exist (it must have expired) so I signed up using the appropriate account name to gain access to emails sent to that address.

Lastly all I had to do was go on Myspace and click the “I forgot my password” button and I had everything I needed. I logged into her Myspace profile and was able to update the email and password.

The main thing to remember from this is how powerful the Myspace search is. If I get an email from someone I can instantly search Myspace for a profile with that email address and find out a lot of personal information.

This is kind of a stupid post but here we go. Please can everyone tone down use of the word “orthogonal” a bit?! It doesn’t make you smarter and in fact if you don’t even look the word up first you can end up looking pretty dumb. (Hell I didn’t know what it meant and I had to pause the video and look it up.)

I noticed how everyone emulated Rich after watching through the Clojure videos and you could barely read anything about Clojure without every third word being “orthogonal”. The final straw was a interview I listened to where the host didn’t know the difference between recursion and orthogonal and kept mixing them up.