2008 Oct 14, 11:14Similar in concept to the Pirate Bay suggestion of encrypting all TCP/IP connections if both server and client support it: "Obfuscated TCP is a transport layer protocol that adds opportunistic
encryption. It's designed to hamper and detect large-scale wiretapping and corruption of TCP traffic on the Internet."
internet tcp encryption security google privacy opensource cryptography network ssl 2008 Aug 26, 10:03"A new system devised by Carnegie Mellon University researchers aims to thwart man-in-the-middle (MitM) attacks by providing a way to verify the authenticity of self-signed certificates. The system,
which is called Perspectives, uses a distributed network of "notary" servers to evaluate the public key of a target destination so that its validity can be ascertained."
security ssl pki certificate man-in-the-middle 2008 Aug 22, 5:35Photosynth now available and easy to use: "Photosynth, a technology demo from Microsoft Live Labs, has graduated from its "ooh, that's pretty" status to being a viable Web service for consumers. The
technology, which takes a grouping of photographs and stitches them into a faux 3D environment, can now be implemented with photos you've taken on your digital camera or mobile phone, and converted
right on your computer. Previously, the process of stitching these photos together took weeks of processing on specially configured server arrays. With its latest version, Microsoft has managed to
shrink that into around the time it takes to upload your photos."
via:felix42 photosynth photos photography 3d microsoft free tool 2008 May 30, 9:49Blog post on Windows Server Core, what it is and setting it up: "Server core is a minimal installation option for Windows Server "Longhorn" providing a minimal environment supporting specific server
roles."
windows blog msdn server scott-hinsley os 2008 May 9, 5:53W/o my middle name: Add ivy resin, Daisy driven. W/ my middle name: Envy is deadlier, Evil nerdy ideas
david-risney me anagram text 2008 Apr 7, 2:55"The PHP OpenID library lets you enable OpenID authentication on sites built using PHP."
php openid development opensource identity authentication api software server library 2008 Mar 23, 12:38
The move of my website to NearlyFreeSpeech.NET is mostly complete except for a few server side things not working yet: RandomGrammar and parts of Vizicious. I'm still very happy with the
NearlyFreeSpeech.NET hosting and so far I've only spent a few cents on hosting. At this rate I'll only spend a few dollars a year.
I've moved all my pages to use the same CSS and hooked it up with cookies to my Kuler color options so now changes to the color theme will
stick and apply to all my pages. I haven't figured out the caching for this yet so you may have to refresh to see changes to color applied.
nearlyfreespeech.net technical webhosting kuler homepage 2008 Mar 17, 1:25
I've switched from using my own home web server of which one of the harddrives died, to using NearlyFreeSpeech.NET, an actual real live web hosting
service. So far I'm very happy with them and they give me almost exactly what I had on my own home server: ssh access, vim, php, java, etc. etc. The only notable things they don't do are (1) cron
jobs which I use currently and (2) SSL which I don't use currently. I can replace my cron job usage and I suppose I'll have to reevaluate my web hosting if I ever need SSL. At the moment many of
the server side things like Vizicious will be unavailable. I'll work on getting those working again at some point.
technical webhosting webserver server homepage 2008 Mar 13, 10:49How to install subversion on Windows.
svn reference blog article subversion windows microsoft 2008 Mar 2, 9:18
This post is about creating a server side z-code
interpreter that represents game progress in the URI. Try it with the game Lost Pig.
I enjoy working on URIs and have the mug to prove it. Along those lines I've combined thoughts on URIs with interactive fiction. I have a
limited amount of experience with Inform which generates Z-Code so I'll focus on pieces written in that. Of course we can already have URIs
identifying the Z-Code files themselves, but I want URIs to identify my place in a piece of interactive fiction. The proper way to do this would be to give Z-Code its own mimetype and associate
with that mimetype the format of a fragment that would contain the save state of user's interactive fiction session. A user would
install a browser plugin that would generate URIs containing the appropriate fragment while you play the IF piece and be able to load URIs identifying Z-Code files and load the save state that
appears in the fragment.
But all of that would be a lot of work, so I made a server side version that approximates this. On the Web Frotz Interpreter page, enter the URI of a
Z-Code file to start a game. Enter your commands into the input text box at the bottom and you get a new URI after every command. For example, here's the
beginning of Zork. I'm running a slightly modified version of the Unix version of Frotz. Baf's Guide to the IF Archive has lists of IF games to try out.
There are two issues with this thought, the first being the security issues with running arbitrary z-code and the second is the practical URI length limit of about 2K in IE. From the Z-Code
standard and the Frotz source it looks like 'save' and 'restore' are the only commands that could do anything interesting outside of the Z-Code virtual machine. As for the length-limit on URIs I'm
not sure that much can be done about that. I'm using a base64 encoded copy of the compressed input stream in the URI now. Switching to the actual save state might be smaller after enough user
input.
zork frotz interactive-fiction zcode if technical uri fragment 2008 Jan 9, 11:34
IPv6 address syntax consists of 8 groupings of colon delimited 16-bit hex values making up the 128-bit address. An optional double colon
can replace any consecutive sequence of 0 valued hex values. For example the following is a valid IPv6 address: fe80::2c02:db79
Some IPv6 addresses aren't global and in those cases need a scope ID to describe their context. These get a '%' followed by the scope ID.
For example the previous example with a scope ID of '8' would be: fe80::2c02:db79%8
IPv6 addresses in URIs may appear in the host section of a URI as long as they're enclosed by square brackets. For example:
http://[fe80::2c02:db79]/. The RFC explicitly notes that there isn't a way to add a scope ID to the IPv6 address in a URI. However a draft document describes adding
scope IDs to IPv6 addresses in URIs. The draft document uses the IPvFuture production from the URI RFC with a 'v1' to add a new
hostname syntax and a '+' instead of a '%' for delimiting the scope id. For example: http://[v1.fe80::2c02:db79+8]/. However, this is still a draft document, not a final
standard, and I don't know of any system that works this way.
In Windows XPSP2 the IPv6 stack is available but disabled by default. To enable the IPv6 stack, at a command prompt run
'netsh interface ipv6 install'. In Vista IPv6 is the on by default and cannot be turned off, while the IPv4 stack is optional and may be turned off by a command similar to the previous.
Once you have IPv6 on in your OS you can turn on IPv6 for
IIS6 or just use IIS7. The address ::1 refers to the local machine.
In some places in Windows like UNC paths, IPv6 addresses aren't allowed. In those cases you can use a Vista DNS IPv6 hack that lives in the OS
name resolution stack that transforms particularly crafted names into IPv6 addresses. Take your IPv6 address, replace the ':'s with '-'s and the '%' with an 's' and then append '.ipv6-literal.net'
to the end. For example: fe80--2c02-db79s8.ipv6-literal.net. That name will resolve to the same example I've been using in Vista. This transformation occurs inside the system's local
name resolution stack so no DNS servers are involved, although Microsoft does own the ipv6-literal.net domain name.
MSDN describes IPv6 addresses in URIs in Windows and I've described IPv6 addresses in URIs in IE7. File URIs in
IE7 don't support IPv6 addresses. If you want to put a scope ID in a URI in IE7 you use a '%25' to delimit the scope ID and due to a bug you must have at least two digits in your scope ID. So,
to take the previous example: http://[fe80::2c02:db79%2508]/. Note that its 08 rather than just 8.
roundup ip windows ipv6 technical microsoft boring syntax 2007 Nov 28, 1:23One of the new Zune features that had me the most excited was the claimed improved Windows Media Center integration which unfortunately turned out to simply mean support for the Win MCE video format
(
with an exception for HD). I wanted to be able to pick shows recorded by my Win MCE and have the Zune automatically sync up the
latest episodes. However, with the improved podcast support in the Zune software one can easily create a ridiculous hack to accomplish this.
The new Zune software has podcast support which does everything I'd want to do with a
Win MCE recorded TV series so the goal is to shoehorn a TV series into a Zune podcast. An overview of the steps: Create an XSLT that converts Win MCE data to a podcast, run the XSLT as a scheduled
task every few hours per TV series, setup a Web server pointed at the resulting podcasts and the Win MCE Recorded TV directory, and subscribe to the resulting podcasts in the Zune software.
- Reading through the Win MCE data stored as an XML file in "C:\ProgramData\Microsoft\eHome\Recording\Recordings.xml" and the spec for podcasts I created an XSLT to convert a series from Win MCE data to a podcast.
- I added a new task to the Scheduled Tasks to run my XSLT using my xsltproc.js script. The task runs a handful of commands that look something like the following:
C:\windows\system32\wscript.exe C:\users\dave\bin\xsltproc.js C:\Users\Dave\Documents\trunk\development\mce-zune\mce-to-podcast.xslt
C:\ProgramData\Microsoft\eHome\Recording\Recordings.xml --param title "The Daily Show With Jon Stewart" --param max 4 --param baseURI "http://groucho/" --param thisRelURI "tds.xml" -o
"D:\recorded tv\tds.xml"
For each TV series I run a command like the above and that outputs a podcast for that series into my "D:\Recorded TV\" directory.
- Zune only allows http URIs for its podcasts so I installed a web server on my Win MCE server. I'm running Vista Ultimate so it was quick and easy for me to install IIS7 but any Web server will do. Then I pointed it at "D:\Recorded TV\".
- Once all the above was done I just subscribed to the resulting podcasts via my Web server and viola! Since I'm forced to use a Web server I can even run the Zune software on a machine other
than my Win MCE server. You can see a screen-shot above of my Zune software showing my Colbert Report podcast.
technical xml mce hack windows media center zune windows xslt podcast 2007 Nov 7, 9:44Paper on how to apply honeybee protocol to managing Internet hosting.
bee internet web research paper 2007 Sep 28, 11:13Using Win2K3's timewarp feature
backup windows timewarp microsoft blog raymond-chen tips howto 2007 Sep 27, 2:17Starting on a new simple project I wanted to get the history of my Delicious links. Delicious has an export tool available via the settings section so I thought I'd try that. However, the links
aren't exported in XML not even in XHTML but rather in HTML. Shocking. An example:
"Don't Tase Me, Bro!" (UF Student Tasered Remix)
Remix of the 'Don't tase me, bro!' guy getting tasered.At this point I'm already not going to use this file because its in HTML but I'm even more disgusted by those date time values.
Raymond Chen of the Old New Thing posted about recognizing timestamps and timestamp sentinel values. From the first blog post and with the use of a calculator for base conversion one can tell that
those are UNIX style timestamps counting the number of seconds since 1970.
It reminds me of my hatred for the MIME date time format I developed working on my webpage's server side parsing of atom and RSS. Atom is
of course my favorite as Atom uses the Internet date time format described in the following documents. Here's an example of one
2007-09-27T020:50:00.000-08:00
On the other hand the evil and villainous RSS uses the MIME date time format now described in the more
recent IETF MIME standard. Here's an example Thu, 27 Sep 2007 20:50:00 -0800
The Internet date time format has the advantage of being so easy to sort. An alphabetic sort with normal C-style collation rules of strings containing Internet date times will also sort them
chronologically. This is not the case for the MIME date time due to the preceding day of the week and the spelled out month name. This also means that when producing these you have to figure out
the day of the week and when parsing them you have to match month names rather than just parsing out numbers. Anyway now days if I see mention of a date time in a new proposed standard or spec I be
sure to point out the numerous advantages of the Internet date time format.
date xml html feed time technical date-time code atom rss 2007 Sep 11, 2:55There's been
some news recently on some guy hating on FireFox for its ad-blocking.
On a similar note here's a fun tip for IE7 users I got from Eric. You can get decent ad-blocking in IE7 by putting ad servers in the restricted zone. By default script inclusion is blocked between
different zones so you can put domains that serve up ads in your restricted zone after which, normal internet zone sites won't be able to include script from them. This covers most of the ads I run
into these days.
I use
Fiddler to figure out the domains that are serving up ads which incidentally also has an ad-blocking^H^H^H^H general purpose content blocking plugin. Here's
a screenshot of Slashdot and ArsTechnica from my browser. Notice the large blank areas in the screenshots:
ad-blocking personal ad ie7 technical browser tip ie 2007 Jul 13, 8:30I bought an external backup drive a few weekends ago. I've previously setup a
Subversion repository so I decided to move everything into the repository and
then back it up. So in went the contents of all of my %USERPROFILE% and ~ directories with a bit of sorting and pruning. Not too much though given its much easier to dump in everything and search for
what I want then to take the time to examine and grade each file. What follows are the notes I took while setting this up. It takes me a bit of time to look up the help on each command so I figure
I'll write it all down here for the benefit of myself and potentially others...
Setting Up the Backup Drive For Linux
I first changed the filesystem on the drive to ext3. I plugged it into my USB2.0 port and ran fdisk:
sudo fdisk /dev/sda
Useful commands I used to do this follow mostly in order:
-
m
-
help
-
p
-
print current partitions
-
d
-
delete current partition
-
n
-
create new partition (I used the defaults)
-
w
-
write changes and exit
Then I formatted for ext3.
sudo mkfs.ext3 /dev/sda1
I made it easy to mount:
sudo vim /etc/fstab
# added line to end:
/dev/sda1 /media/backup ext3 rw,user,noauto 0 0
I setup the directory structure on the disk
mount /media/backup
sudo mkdir /media/backup/users
sudo mkdir /media/backup/users/dave
sudo chown dave:dave /media/backup/users/dave
After all that its easy to make a copy of the Subversion repository:
mount /media/backup
cp -Rv /home/dave/svn /media/backup/users/dave/
umount /media/backup
Next on the agenda is to add a cron job to do this regularly.
Subversion Command Reference
On a machine that has local access to the Subversion repository you can check out a specific subdirectory as follows using the file scheme:
svn co file:///home/dave/svn/trunk/web/dave%40deletethis.net/public_html
Note also that although one of my directories is named 'dave@deletethis.net' Subversion requires the '@' to be percent-encoded.
Other useful subversion commands:
-
svn help
-
help
-
svn list file:///home/dave/svn/
-
list all files in root dir of svn depot
-
svn list -R file:///home/dave/svn/
-
list all files in svn depot
-
svn list -R file:///home/dave/svn/ | grep \/$
-
list all directories
-
svn status
-
List status of all files in the working copy directory as in - modified, not in repository, etc
-
svn update
-
Brings the working copy up to date wrt the repository
-
svn commit
-
Commit changes from the working copy to the repository
-
svn add / move / delete
-
Perform the specified action -- occurs immediately
Setting up Windows Client for Auto Auth into SVN
When using an SVN client on Windows via svn+ssh its useful to have the Windows automatically generate connections to the SVN server. I use
putty on my Windows machines so I read the directions on
using public keys with putty.
putty.exe dave@deletethis.net
cd .ssh
vim authorized_keys # leave the putty window open for now
puttygen.exe
Click the 'generate' button
Move the mouse around until finished
Copy text in 'Public key for pasting into OpenSSH authorized_keys file:' to putty window & save & close putty window
Enter Key passphrase & Comment in puttygen
Save the private key somewhere private
pageant.exe
'Add Key' the private key just saved.
Checking out using Tortoise SVN
On one of my Windows machines I've already installed Tortoise SVN. Checking out from my SVN repository was really easy. I just right clicked in Explorer in a directory and selected "SVN Checkout...".
Then in the following dialog I entered the svn URI:
svn+ssh://dave@deletethis.net/home/dave/svn/trunk/web/dave%40deletethis.net/public_html/
Note again that the '@' that is part of the directory name is percent-encoded as '%40' while the '@' in the userinfo is not.
Windows Command Line Check Out
On my media center I didn't want to install Tortoise SVN so rather I used the
command line tool. I setup pageant like before the only
difficulty was getting the SVN command line tool to use putty. With the default configuration you can use the SVN_SSH environment variable to point at a compliant SSH command line tool. The trick is
that its interpreted as a backslash escaped string. So I set mine thusly:
set SVN_SSH=C:\\users\\dave\\bin\\putty\\plink.exe
The escaping solved the vague error I received about not being able to create the tunnel.
backup technical personal windows svn linux subversion 2007 Jun 22, 10:16A video of RL as SL. That is, what second life would look like in real life.
video humor secondlife
Some rights reserved