October 2008 Archives

It wouldn't be Halloween without a sweet jQuery jack-o'-lantern, so here ya go.  Over the last year or so, I've been using many JavaScript frameworks.  However, I absolutely love jQuery.  In terms of JavaScript DOM manipulation and overall ease-of-use, it's probably one of the more complete and robust JavaScript frameworks available.  In fact, I use jQuery on this blog and have built multiple other projects using the jQuery framework.  I prefer jQuery over Prototype, but I use both on a very regular basis.

If you're new to jQuery, I would suggest reading up on how it works.  And, take a quick look at a few jQuery UI demos which are absolutely fantastic.  My favorite UI demo is the Magnifier.  Who knew you could do so much in a web-browser?  It makes you wonder why we even need a full OS running on our PCs; oops, I just gave away my next project!

I've recently posted the source code for the Silhouette project on my Silhouette Project page.  Silhouette is an open-source pure Java shape recognition engine.  I built Silhouette in 2005 for my undergraduate senior Computer Science project.  The source code and other related project documents are now freely available under the MIT License.  BTW, I plan on releasing future projects under the WTFPL License.  Happy Halloween.

Oct 29 09:47 PM US/Eastern
By CALVIN WOODWARD
Associated Press Writer


WASHINGTON (AP) - Democratic presidential candidate Barack Obama was less than upfront in his half-hour commercial Wednesday night about the costs of his programs and the crushing budget pressures he would face in office.

Obama's assertion that "I've offered spending cuts above and beyond" the expense of his promises is accepted only by his partisans. His vow to save money by "eliminating programs that don't work" masks his failure throughout the campaign to specify what those programs are--beyond the withdrawal of troops from Iraq.

This is a follow-up post to my HOWTO: Generating Good Random Passwords With /dev/urandom.  A local system administrator professional contacted me with a few real-life scenarios for good password generation and provided some suggestions on how to handle them.

  • Creating reasonably complicated passwords for a school (for an entire student body).
  • Creating complex passwords for a company/business with strict password requirements.
  • Creating passwords for a company/business with an anal-retentive network admin (super complex passwords with special characters like #%^*&!. and so on).

Forget expensive and ridiculous "password generation" software.  If you have access to a Linux box, then you've got a password generator.  Continue reading if you're curious how to generate good passwords for each of these cases.

If you want to check your existing password(s) to see how long they might take to crack using a brute force approach, see this spreadsheet from Mandylion Labs (BFTCalc.xls).  Or, get it directly from their web-site.

In the last week or so, I worked on a very interesting problem that dealt with using varchars as a primary key in MySQL.  I wrote some Java code that was migrating sensitive user data from a SQLite database to a MySQL database.  I was inserting the migrated data into a MySQL table that declared a varchar field as a primary key.  On several of the inserts, I received an "ERROR 1062 (23000): Duplicate entry 'bleh' for key 1".  I was puzzled, because the primary key I was inserting into the table was the same string of characters, just with different case.  For example, one key was "Ozzie" and another was "ozzie".  Technically speaking, these SHOULD be different primary keys (and they are) but MySQL didn't immediately think so.

Continue reading for an explanation.

I recently tried to register a .pro domain name through my registrar, Network Solutions.  If you are considering registering a .pro domain, you should be warned that the .pro registry requires that you provide a valid and certified business license with your registration.  If you don't have a valid business license, you will not be able to register a .pro domain.  Unfortunately, my registrar did not alert me to this important fact until they billed me.

Apparently, I'm not worthy of a .pro domain name so I must be a .amateur (thanks Larry, for the pun).

On the web, malicious hackers typically try to exploit bugs or holes in unpatched versions of public web-servers.  The Apache web-server is an obvious target, given that as of June 2008 Apache served 49.12% of all websites on the Internet.  In fact, the Apache web-server is powering this blog and my network of other domains.

When a client (most often a browser) makes an HTTP request to a web-server, the server responds with an HTTP response.  The response contains a status line with a status code (e.g., HTTP/1.1 200 OK) and a set of response headers.  Surprisingly, the Apache web-server embeds version information about itself in these HTTP response headers.  If you are concerned about exposing the version of Apache you are running to the world, you may want to disable this.  Hackers often look for specific versions of Apache with known bugs to pick on, then target the site with various attack methods.  Blocking this Apache version information in the HTTP response headers can make it more difficult for hackers to identify the version of Apache you are running and compromise your system(s).  Continue reading for the HOWTO.
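
One way to check what the Server header reveals, before and after hardening. This is an added example, not code from the original post: the response samples are constructed, the function names are illustrative, and `ServerTokens Prod` is the Apache directive assumed for the hardened case.

```shell
#!/bin/sh
# Added example, not from the original post. The header samples are
# constructed and the function names are illustrative.

# versioned_tokens: read an HTTP response on stdin and print every
# "product/version" token found in its Server header, one per line.
versioned_tokens() {
    tr -d '\r' | awk '
        /^$/ { exit }                      # headers end at the first blank line
        {
            c = index($0, ":")
            if (c == 0 || tolower(substr($0, 1, c - 1)) != "server") next
            n = split(substr($0, c + 1), tok, " ")
            for (k = 1; k <= n; k++)
                if (tok[k] ~ "^[^/]+/[0-9]") print tok[k]
        }'
}

# discloses_version: exit status 0 if the response names any version.
discloses_version() {
    [ -n "$(versioned_tokens)" ]
}

# Constructed response from a server using its default banner.
sample_default() {
    printf '%s\r\n' 'HTTP/1.1 200 OK' \
        'Date: Fri, 31 Oct 2008 12:00:00 GMT' \
        'Server: Apache/2.2.3 (CentOS) mod_ssl/2.2.3 OpenSSL/0.9.8b' \
        'Content-Type: text/html' '' '<p>Apache/9.9 in the body is ignored</p>'
}

# Constructed response after setting "ServerTokens Prod" in the Apache
# configuration: the product name is still sent, the versions are not.
sample_hardened() {
    printf '%s\r\n' 'HTTP/1.1 200 OK' \
        'Date: Fri, 31 Oct 2008 12:00:00 GMT' \
        'Server: Apache' \
        'Content-Type: text/html' ''
}
```

Against a live site you control, pipe the saved response headers into `discloses_version` instead of the samples.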

I recently came across some decent regular expressions (regexes) to validate email addresses and check password complexity.  They are as follows:

To validate an email address:

^[_a-z0-9-]+(\\.[_a-z0-9-]+)*@[a-z0-9-]+(\\.[a-z0-9-]+)*(\\.[a-z]{2,4})$

To validate a password for basic complexity:

^\\w*(?=\\w*\\d)(?=\\w*[a-z])(?=\\w*[A-Z])\\w*$

The password complexity regex verifies that the password String contains at least 1 number, at least 1 lower case letter, and at least one upper case letter.  In addition to Java, I've used these regular expressions in JavaScript and PHP.  They work well for most needs.  Continue reading for code samples.

This is one of the most comprehensive and well-done speeches I've ever read on environmentalism.  Enjoy.

Remarks to the Commonwealth Club - Environmentalism, Reality or Fantasy?
by Michael Crichton
San Francisco
September 15, 2003


I have been asked to talk about what I consider the most important challenge facing mankind, and I have a fundamental answer. The greatest challenge facing mankind is the challenge of distinguishing reality from fantasy, truth from propaganda. Perceiving the truth has always been a challenge to mankind, but in the information age (or as I think of it, the disinformation age) it takes on a special urgency and importance.

I like Vi, but I hate the fact that it saves these really annoying backup files when I'm working.  For example, if I'm working on "index.php", once I :w the file (that's save the file for non-Vi users), it will also spit out "index.php~".  According to Vim documentation, the file with a tilde on the end of it is supposed to be a backup copy of the previous revision before the save.  I suppose this is a nice feature, but I don't use Vim enough (anymore) to take advantage of it.  The files with the tildes on the end of them get plain annoying after a while.

The solution is to :set nobk in your Vim session.  Or, if you don't want to :set nobk for every new session (like me), you can edit your .vimrc/.gvimrc files.  Continue reading to learn where to find your .vimrc and .gvimrc files on Vista and Linux.

I use Linux as much as possible for everything I do.  However, I often develop pieces of code on Windows, eventually compiling and deploying the entire project on Linux.  During my Ant builds, I've hit all kinds of interesting problems moving Java between Linux and Windows.  One of my least favorite javac errors is the "unmappable character for encoding UTF8" which looks like this:

[javac] /home/.../htmlGenerator/EscapeText.java:113: unmappable character for encoding UTF8
[javac]                     case '?': sb.append("®");break;
[javac]                           ^

A quick solution to the compilation error is to set the LANG environment variable to en_US.ISO-8859-1 using export:

(mark@skull)~/build> export LANG=en_US.ISO-8859-1
(mark@skull)~/build> echo $LANG
en_US.ISO-8859-1

It took me an hour or so to figure this one out.  Hopefully this post saves someone else the trouble.  Continue reading for a (somewhat) technical explanation.

You Say Linksys I Say Tomato

I have a vanilla Linksys WRT54GL on my home network.  This feeds directly into an HP ProCurve 2524 manageable switch which connects the many devices in my home office.  Why am I using an enterprise grade manageable switch in my home office?  Because I can.

After reading about how to upgrade your router to a super-router on Lifehacker, I just couldn't resist.  I installed the open-source Tomato firmware per the instructions on Lifehacker.  I gave it a try, and I'm definitely impressed.

Traditionally, I've relied on online JavaScript password generators to create my passwords.  I prefer extremely complicated ones, like sPtBf4CDuul9Wlol and H0SD9BHz4xHIah0h (at least 16 characters are preferred).  However, when I'm setting up a new system for myself, or configuring user accounts on a shared box at work, JavaScript password generators are slightly inconvenient if I don't have a web-browser handy.  Plus, if I need to generate multiple passwords for many users, it's unrealistic to use a JavaScript password generator embedded in a web-browser.

Luckily, a colleague at work pointed out an easy way of generating good passwords using /dev/urandom on Linux:

head -c 500 /dev/urandom | tr -dc a-z0-9A-Z | head -c 16; echo

On HP-UX, run:

head -n 500 -c /dev/urandom | tr -dc a-z0-9A-Z | head -n 16 -c

Note you can change the "16" in the final call to head to get a different password length of your choice.
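
A batch version of the one-liner above that also enforces the basic-complexity rule from the regex post on this page. It is an added example, not the author's script; the function names are illustrative.

```shell
#!/bin/sh
# Added example, not from the original post. Function names are illustrative.
LC_ALL=C; export LC_ALL   # byte-wise ranges for tr and for the patterns below

# genpw [LENGTH] [CHARSET]: print one password of exactly LENGTH characters.
# tr drops every byte outside CHARSET, so surviving characters are uniform
# over it. Reading the device until head has enough (rather than a fixed
# 500-byte sample) means a small CHARSET such as '0-9' never comes up short.
genpw() {
    tr -dc "${2:-a-zA-Z0-9}" < /dev/urandom 2>/dev/null | head -c "${1:-16}"
    echo
}

# meets_policy PASSWORD: the basic-complexity rule as shell patterns: only
# word characters, with at least one digit, one lower-case and one upper-case
# letter. A password containing '#' or '!' fails, as it does with the regex.
meets_policy() {
    case $1 in ''|*[!A-Za-z0-9_]*) return 1 ;; esac
    case $1 in *[0-9]*) ;; *) return 1 ;; esac
    case $1 in *[a-z]*) ;; *) return 1 ;; esac
    case $1 in *[A-Z]*) ;; *) return 1 ;; esac
}

# genpw_policy [LENGTH]: redraw until the policy holds. About 6% of random
# 16-character alphanumeric strings contain no digit at all, so a single
# draw is not guaranteed to pass. Lengths under 3 can never pass.
genpw_policy() {
    [ "${1:-16}" -ge 3 ] || return 2
    while :; do
        candidate=$(genpw "${1:-16}")
        if meets_policy "$candidate"; then
            printf '%s\n' "$candidate"
            return 0
        fi
    done
}

# genpw_batch COUNT [LENGTH]: one policy-compliant password per line.
genpw_batch() {
    n=0
    while [ "$n" -lt "$1" ]; do
        genpw_policy "${2:-16}" || return
        n=$((n + 1))
    done
}
```

For example, `genpw_batch 5 16` prints five passwords, and `genpw 20 'a-zA-Z0-9#%^*&!.'` draws from a set with special characters (which `meets_policy` would reject, since the rule allows word characters only).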


FOLLOWUP 2/7/09:

If you'd like to generate several random passwords using a shell/Bash script, see my post on HOWTO: Generating Many Good Random Passwords 'Automagically'.


FOLLOWUP 6/8/09:

David Douthitt at UNIX Administratosphere recently covered a great way to generate passwords using Perl. His method is especially useful on HP-UX and OpenVMS boxes. Thanks, David!


On Linux, it's easy to use mplayer to rip your favorite MP3 stream.  By ripping, I mean saving an audio stream to a file on your computer for later.  I often save online streams and load them onto my favorite portable music player for a workout.  To save a video/audio stream with mplayer, you'll need the -dumpstream and -dumpfile options.  Note, there are other ways to save a stream with mplayer, but this is by far the most convenient method I've found.

Here's an example of ripping SomaFM's Groove Salad MP3 stream (a nicely chilled plate of ambient beats and grooves):

mplayer -cache 100 -dumpstream \
http://scfire-chi0l-2.stream.aol.com:80/stream/1018 \
-dumpfile soma_fm.mp3

BTW, this method also works for saving RealVideo streams (RTSP).

mplayer -cache 100 -dumpstream \
rtsp://rxn08.example.com/video/video1.rm \
-dumpfile video.rm

I'll try to keep political posts to a minimum.  But I couldn't resist on this one; after all who doesn't have election fever?

You've probably never heard of him, but Bob Barr really should be the next President of the United States.  Forget the socialist Barack O[s,b]ama.  Forget the R.I.N.O. (Republican in Name Only) John McCain.  For once, can we please elect a President who is genuinely interested in doing the right thing for America?  Or, at the very least can we open up our Presidential Debates to 3rd parties?

http://www.bobbarr2008.com/





In 2004, I prepared a technical research paper on SCSI (Small Computer System Interface).  Concurrently, I wrote a technical performance white-paper on HP's Ultra320 SCSI storage solution: the Ultra320 SCSI HP-UX MPT driver using HP's A7173A PCI-X Dual Channel Ultra320 SCSI Host Bus Adapter.  My performance white-paper was eventually published on ZDnet and Silicon.com.  The original performance white-paper can also be found here on docs.hp.com.

Continue reading for the technical research paper abstract.

Download the full technical research paper here: CMSI499_MarkKolich_SCSIPaper.pdf

Download the technical white-paper here: A7173A_performance_PA.pdf


Meebo Interview Questions

In May of 2007 I interviewed with Meebo for a Server-Side Engineer opening.  Part of the initial screening process includes asking the candidate some interesting questions in C/C++ as shown on their job opening site at http://www.meebo.com/jobs/openings/server/.  Ideally the candidate is to "solve" these puzzles and submit their answers with a resume.  Needless to say, I didn't get the job but I did go through a few rounds of interviews.  I found the initial puzzles interesting, and so here are my answers for anyone who's curious ... meebo.zip.

Continue reading for the puzzle questions, or find them here.

First blog post ... ever

I decided to join the rest of the tech enlightened world by creating my own blog.  This is the first post to my blog ... ever.  Thanks to the kind folks at VMware, this blog is hosted on my home network using VMware Server 1.0.7 running a CentOS 5.2 guest.  Finally, I can put all of my domain-names to (somewhat) good use.  Domain squatters, eat your hearts out, suckers.

About this Archive

This page is an archive of entries from October 2008 listed from newest to oldest.

November 2008 is the next archive.

Find recent content on the main index or look in the archives to find all content.