Algorithms for the Masses by Julian M Bucknall

Quick links to the most recent posts:

• Converting a physical machine to a VMware Workstation VM (Mon 8-Feb-2010)
• How to survive on three passwords (Tue 2-Feb-2010)
• Freeze Frame Fail - Spooks series 5, episode 9 (Fri 29-Jan-2010)
• How identifiable are you on the net? (Thu 28-Jan-2010)
• Unbiased tosses from a biased coin (Wed 27-Jan-2010)
• Windows 7 Home Premium: turn off password expiration (Mon 25-Jan-2010)
• "Nothing To Be Frightened Of" by Julian Barnes (Fri 22-Jan-2010)
• Firefox 3.6 and S3Fox (Fri 22-Jan-2010)
• Posting mini blog posts from Posterous (Fri 22-Jan-2010)
• Megapixel Madness (Thu 21-Jan-2010)

A week or so ago I ordered a new light fast notebook for my wife to replace her aging Dell XPS M1330. Aging as in 2 years old, but showing its age nevertheless. It came on Friday, and by Sunday I'd installed Microsoft Office on it and run the Easy Transfer app to copy over her documents and settings.

(Aside: Windows Easy Transfer (WET) is da bomb. Why, oh why, it took Microsoft until Windows 7 to create such a program I have no idea, suffice it to say it was a piece of cake to use and did the right job first time. It even produced a report showing the apps I had yet to install — yes, I'd forgotten a couple — to make the new machine (a Dell Studio XPS 13) as capable as the old.)

She's happy with the new one, as well she should: it scores higher than my Dell XPS 1530 on the WIndows Experience rating, and is definitely faster than her old one. Of course, that leaves me with the M1330. I took a look on eBay: they seem to go for about $500 for the specs I have. But, of course, I first need to wipe the machine and reinstall Windows Vista, the OS it was shipped with in the first place. And, furthermore, just in case, I need to make a snapshot of the machine before I do so. Just in case. You know, for the highly improbable eventuality that some document was stored somewhere that WET didn't find. My butt has been chewed way too often, ta very much. So, just in case.

In the past I took a backup with Acronis TrueImage, but I haven't been using it for 6 months or so, ever since I bought a Windows Home Server (another "da bomb" product from Microsoft). This time around, I decided to convert the machine image to a VMware Virtual Machine. I'm really into VMs at the moment and the thought of being able to boot up my wife's old PC when she asked for something that hadn't been copied is just too much to miss.

For the Virtual PC users among you, there's Disk2VHD, a utility from the SysInternals guys. For VMware fans there's a similar free utility called the VMware vCenter Converter. Yes, I know, don't worry about the name, it works just fine with VMware Workstation 7. Although it's free, you still have to register it with VMware before they let you download it (geez, come on guys).

Install it in standalone mode and there are two options of import: Convert Machine and Configure Machine. Convert Machine is supposed to log into a remote machine that's running and perform the conversion, but no matter what I did it wouldn't connect to my M1330 from my desktop. Oh well, you can also install the converter program onto the machine you want to convert and it'll work just as well from there. A couple of hours later, it had finished and I had a new VM on the notebook's drive that I could then copy to my desktop.

And there the problems started. Ach. I ran the Configure Machine option, it seemed to do something, but when I booted the VM all kinds of issues occurred. First of all, I couldn't install the VMware tools (essential for the proper running of the VM). It seemed to be that the VM configuration had the OS description of "Other" rather than "Windows 7". I opened up the VMX file and fixed it and rebooted the VM again. The network adapters (of which there were three for some reason — the notebook had two, the wireless and the wired) didn't work. Opening up Device Manager showed that there were three "Ethernet Controller" drivers that had warnings. Removing the drivers and getting Windows to re-discover the hardware didn't produce anything better: the same old faulty driver warnings. The audio driver didn't work either. The fingerprint reader would pop up an error dialog saying the hardware couldn't be found (Duh). And then the VM suddenly got very slow.

I abandoned that VM and deleted it. I copied over the VM from the notebook again. This time around, immediately on booting it, I went into Programs and Features and uninstalled all the hardware drivers and programs that didn't make sense any more: the fingerprint reader, the web cam, the bluetooth, the ethernet adapters, and so on. I rebooted the VM. Still I had the problem of the three non-functioning network adapters, but at least the audio had started working. I tried the old trick of uninstalling the ethernet adapters from Device Manager and auto-discovering the new hardware, but the same non-functioning driver problem occurred again.

Bah. This time I tried the nuclear option. I shut down the VM, removed all virtual network adapters from the VM's configuration, and then rebooted the VM. Device Manager looked good this time, no faulty ethernet controller drivers (well, there wasn't any virtual hardware for networking). I shut down the VM, added back a single virtual network adapter set to NAT, and rebooted the VM. This time, the OS recognized the new (virtual) hardware, and installed the correct driver, and I had a fully functioning VM.

Phew.

Now to repave the M1330's hard drive. I've still to decide whether selling it is worth it or not: it's a cute little machine.

Share it:                

Some time ago, I read in some issue of Women's Health, a magazine my wife subscribes to, that you can survive in the modern always-connected online world on just three passwords. One password for your financial institutions, one password for the less important sites (say, your social sites, or your shopping sites), and one password for everything which you don't consider important or particularly care about or is essence a one off.

Bloody nonsense, was how I put it to myself at the time and took the mag for recycling.

Incredible bloody nonsense, is how I put it now. One reason? Well, you may have heard that Twitter had some issues today. They sent out password reset emails to a bunch of users due to some anomalous behavior with their accounts, The reason? Well, it seems that these users had been using the same password on some compromised sites as they had on Twitter. Bad guys do some harvesting of userid/password combinations on the compromised sites, try them out on Twitter (and I dare say on other sites too), and make hay with those logins that work. Holy crap.

And on top of all that, about a month ago, an interview with a Facebook employee was published about the "master" password that was (is still?) used internally to provide full permissions to anyone's Facebook page and user details. Think about it: a rogue employee who could harvest logins from the company they work for, resign, and then use those logins willy-nilly.

Look, it's not difficult. Use a good password database program. There are free ones out there (Password Safe being by Bruce Schneier, the crypto guru), or you can purchase them. I use one called SplashID, mainly because you can sync the database between an app on your PC and one on your iPhone. There are very few sites I remember my password to any more, really only my banks, my network logins, and my PCs because I use them every day. These password programs even come with password generators to avoid having to use ordinary words (a dictionary attack, even with 1337 character substitutions, will discover a single word passwords in less than half a second). The answer to the question posed by the post title should be "it can't be done, not without exposing yourself to some possible bad things happening". You should have a unique password for each site.

No excuse.

Posted via email from Julian's posterous

Share it:                

Another in an occasional series where I freeze frame a DVD to see that the producers skimped on something they really shouldn't have skimped on.

This one was really blindingly obvious. A pretty good episode all told, full of the old style Len Deighton or John Le Carré who is bluffing who, who is real, who is not. The obvious bad guy doesn't seem to be that bad, maybe he's being framed, but Adam Carter knows him and is falling to pieces himself, so maybe Adam is compromised, etc, etc. There's even a George Smiley or Bernard Samson character seen in flashback. As I said, pretty good.

Then as a coda, after everything is wrapped up and MI5 save the day, the action slips to Brazil and the camera pans around the huge statue of Christ, the Cristo Redentor, on Corcovado mountain. A completely iconic shot and so therefore we're in:

Rio de what?

Shouldn't that be, you know, Rio de Janeiro? Sloppy, Kudos, very sloppy.

Share it:                

I'm sure we're all aware that the browser we use (the User Agent in internet-speak) reports back information to each web server we visit. But could a web server gain any information about who we are just from the browser? Could we be identified when we visit later on? You might think: easy, just turn off cookies and we'd be pretty much unidentifiable, but is that the case?

I tried out a web site called Panopticlick put up by the Electronic Frontier Foundation (EFF) to see how identifiable I was (or, if you like, how unique my browser fingerprint is). I got back:

Your browser fingerprint appears to be unique among the 139,433 tested so far.

Currently, we estimate that your browser has a fingerprint that conveys at least 17.09 bits of identifying information.

Yikes!

The information that is gathered and analyzed for uniqueness is the User Agent string, the HTTP_ACCEPT headers, the browser plug-ins, time zone, screen size and color depth, the system fonts, whether cookies are enabled, and the "Limited supercookie test", whatever that is. The things that are most unique for me are my list of plug-ins and my fonts. In essence, those are unique amongst the data they currently have collected in their database. The EFF have gathered some recommendations to mitigate against browser fingerprinting here.

Go on, try yours, I dare you...

Posted via email from Julian's posterous

Share it:                

This is a very handy algorithm that I came across today, which is, according to this paper, due to John von Neumann.

Suppose you have a coin which you suspect to be biased. You're not sure whether it's biased to heads or to tails, you just know it's biased. Actually, according to the wikipedia article on coin flipping, coins tend to be slightly biased naturally and it's possible to train yourself to flip a coin slightly more predictably than pure chance. So there you are with a biased coin. Nevertheless, can you use it to produce unbiased tosses?

Von Neumann came up with a remarkable idea: use tosses in pairs. If the first toss of a pair comes up heads and the second tails, call the result of the pair heads. If the first comes up tails and the second heads, call it tails. If both tosses produce the same result (heads/heads or tails/tails), ignore that pair, and start over.

In mathematical terms, we assume that all the individual flips are independent. So if the probability of getting heads is p and the probability of getting tails is q, where p + q = 1, then the probability of heads followed by tails is exactly the same as the reverse result, namely pq. Since we ignore all other pairs of tosses, it means that the overall "coin pair toss" is unbiased. Note that the algorithm doesn't require you to know what the probabilities are (though obviously if it's a two-headed coin, you'll never get any unbiased tosses!).

Share it:                

I use Windows 7 Home Premium as the OS in the various virtual machines I run. This is a space saving thing more than anything: I've limited the boot drive space to 20GB on my base VM so that I can have as many cloned VMs as I want on my external drive, and I'm assuming that Ultimate takes up a lot more room. Anyway...

The base install of Win7 Home Premium sets passwords to expire after 42 days. For a VM this is somewhat overkill (after all, I have to log in to my real machine in order to run the VM), so, today when I tried to log in and the OS came up with "your password has expired, change it" I decided to fix it instead.

Unfortunately the standard way of fixing this (running lusrmgr.msc -- just enter that in the Start search box) doesn't work in the Home Premium version because the snap-in it runs isn't present. Bah. Instead you have open up a Command Prompt as administrator (type "Command Prompt" in the Start search box and instead of just pressing Enter as normal, you right-click the menu item for it and select "Run as administrator") and type the following command at the prompt:

net accounts /maxpwage:unlimited

and press Enter. That should do it. (If you get access error 5, you didn't run Command Prompt as administrator.)

Posted via email from Julian's posterous

Share it:                

I picked this up the last time we went to England in September, and I was half way through it when I got the phone call from my sister in mid-December that my Dad had been admitted to hospital with a heart attack.

The book is not a novel, but a non-fiction book that explores, amongst other things, Barnes' attitudes to death, God, art, the fallibility of memory, and Jules Renard. It's partly autobiographical, especially about his relationships with his parents while they were growing up and when they died, and his relationship with his brother, who's a philosopher, and partly an exploration about how people, generally French writers (Daudet, Flaubert, and the aforementioned Renard) and particularly himself, felt and feel about death. The book is at times hilarious, at times very thought-provoking, at others — paradoxically — calming.

There is no way, given the circumstances that happened half way through my reading of the book, that I can review this book at a distance. To be blunt, the second half affected me deeply: I finished it in the week I was in England before my father had his second heart attack and died. The book grew into a personal diary almost, and I felt along with Barnes his reactions to his mother's death (I mean, heck, we have the same first name after all). Resonance is all.

Barnes, it seems, is terrified of death, of the thought of just not existing any more, of the total annihilation of himself. He doesn't believe in God — neither do I — although he admits that he misses Him (I do not). He does not believe and cannot be comforted by the fiction that after death we go to heaven and live there eternally. He expands on this annihilation and guesses that, since he's a fairly well-known author (I've been reading him since Metroland, his first novel in 1980), he'll be known until for possibly another 150, maybe 200 years tops. The entity that is "Julian Barnes" will vanish at that time because no one else will read him, and indeed there's a hilarious section where he imagines the last person to do so:

My last reader: there is a temptation to be sentimental over him or her (if 'he' and 'she' still apply in that world where evolution is taking our species).Indeed, I was just about to make some authorial gesture of thanks and praise to the ultimate pair of eyes — if eyes have not also evolved differently — to examine this book, this page, this line. But then logic kicked in: your last reader is, by definition, someone who doesn't recommend your books to anyone else. You bastard! Not good enough eh? [...] You don't deserve me. Go on, fuck off and die. Yes, you.

The book made me think, putting myself in his place, what do I feel about death? We have the same first name, roughly the same age (OK, he's 11 years older), both grew up in England. He writes about things that resonate (that word again) with me, including living in France. Sure, our careers are different; I concede the point. So what do I think about death?

Before Dad died, I can't say I really thought about it that much. By no means, did I do as Barnes does, screaming into my pillow with the terrors of the night and of death, but certainly, I knew that one day, the entity that is Julian Bucknall will just stop. The memories, the feelings, the thoughts will all vanish. Possibly that's why, to my wife's chagrin, I'm an avid hoarder: if my things survive my death then so will I.

Of course, it's a load of bollocks. After Dad died, I spent a couple of days going through his papers and the finances for my mother. He did everything for her, and now she was going to have to live on her own, and my sister and I wanted to make sure that she would have no money problems. There was a plastic bag full of old documents, passports, demob papers, cartes de séjour, even a vet's inoculation booklet for one of our cats from way back when. And in glancing through them, I realized that my memory of my own history was wrong in some details. If I can't even remember the minutiae of my own life, how is it even possible to remember my Dad and keep his memory alive? Barnes ran into the same conundrum: his brother and he have different, conflicting, memories about what happened at certain events and times in their family, about who their parents were and what they did.

Even though I'm "known" in the business I work in, how long will that knowledge survive my death? Certainly not as long as Barnes. I have no children, but I'm sure my nieces will remember me for a while, but once they die, that's it. No more Julian Bucknall, no one to remember me. I wonder/worry about the short-term stuff as well (should I put something in my will to keep this web site hosted and running for a few years after my demise?). After this web site goes, there goes my online presence and that's of major importance in these days of the internet and social applications.

Of course, now that Dad has gone, I think about death more. His father died at roughly 75, my father at 76: perhaps that's a hard limit for males in my branch of the Bucknall line. In which case, I have, what?, 24, 25 years to go. Concentrates the mind doesn't it? What would you do if you had 25 years left to live? Seems a long time, nothing to worry about, but I can tell you it's not. But do I fear death, like Barnes, or like Philip Larkin did? No, I'd have to say I don't; I'm more aware of it certainly, but I'm not afraid. For me, there is nothing to be frightened of.

Share it:                

A quick warning for those who use the S3 Firefox Organizer in Firefox on Windows and are contemplating upgrading to the new Firefox 3.6: S3Fox does not yet work in Firefox 3.6 and is automatically disabled when you upgrade.

UPDATE: S3Fox has now been updated (v 0.4.9) to support Firefix 3.6 (8-Feb-2010).

I got bitten by this issue with my last blog post since I'd updated my main machine with Firefox 3.6 on the day of release. Luckily I hadn't upgraded my laptop and so was able to use that one's S3Fox to upload the image from the post.

Xmarks, Firebug and FireFTP, the other Firefox add-ins I mainly use, all seem to work just fine. I dare say a fix for S3Fox will soon be available.

Posted via email from Julian's posterous

Share it:                

Back in December, I commented that I could, with a judicious bit of additional code in the open source GraffitiCMS codebase, accept posts from Posterous and publish them on this blog. Well, it turned out that it wasn't that brilliant a code change: it broke the validation for XHTML. So, this evening, I fixed up the current HTML and took another look at my code.

First of all, let me describe how I envisioned how all this was going to be used. If I'm sitting at my laptop or my main machine, I would continue to use WLW (Windows Live Writer) as my main post editor for this blog, just as I am right now. It makes sense: it's just as quick as writing an email and sending it to Posterous, but with WLW I have more control over things. If I'm away from my main PCs, and I want to post, I can use Gmail on my iPhone or someone else's PC to send an email to Posterous and this would replicate across my social sites, including this blog. Of course, if I also wanted to make sure that a mini blog post hit my Facebook, Twitter, LinkedIn as well as my Posterous blog, I would have to use the email route no matter where I was.

OK, that's the basic scenario: If I want to use Posterous' services, I use Gmail. Otherwise it's WLW all the way, baby.

Rather than use my main user id for GraffitiCMS on this site for my blogs from Posterous, I decided to create a new user and a new category both called "posterous". I would rather not have had to set up a separate category, but I had to, as we'll see in a minute. I also created a role called "posterous" and made sure that this role could only have permissions to the "posterous" category. Overkill, perhaps, but I wanted to limit any damage an external user had on my site. I set up the Posterous configuration for the Autopost to my blog to use this new user.

The first code change, then, was to listen in for blog posts from Posterous and do some fiddling with the data. This is from the newPost() method in MetaWeblog.cs:

        if (post.categories != null && post.categories.Length > 0) {
          postToAdd.CategoryId = AddOrFetchCategory(post.categories[0], user).Id;
        }
        else if (String.Compare(username, "posterous", true) == 0) {
          postToAdd.CategoryId = AddOrFetchCategory("posterous", user).Id;
          postToAdd.PostBody = FixUpPosterousText(postToAdd.PostBody);
        }
        else {
          postToAdd.CategoryId = CategoryController.UnCategorizedId;
        }

Here you can infer the first problem: no matter what I did I could not get Posterous to send the MetaWeblog interface any category information (ditto tags as well). It seems there's something that might work: Posterous helpfully say that if you put some specially formatted text in your email subject like this, ((tag: tag1, tag2)), it will use those values as tags. However, my testing shows that this only works for the posts that appears on the Posterous blog, they're not transmitted anywhere else.

In GraffitiCMS 1.2, the post would be automatically rejected as having no category, but as you can see in the open source 1.3 Alpha it gets the uncategorized id by default (I disagree with this change but am riding with it for now). I added my code to check for the posterous user, and set the category to "posterous" automatically if so. Note also that I also fiddle (sorry, "fix up") the post body by calling another method. Why this fix up?

Here's some raw text the MetaWeblog interface gets from Posterous for a simple test post (I added some line breaks to format it better):

<div class='posterous_autopost'>
<b>Line 1</b><br />
<b>Line 2</b>, no intervening blank line
<p />
<b>Line 3</b>, with intervening blank line
<p />
<b>Line 4</b>, with break<br />
continues 
</p>
<p style="font-size: 10px;"> <a href="http://posterous.com">Posted via email</a> 
from <a href="http://jmbucknall.posterous.com/test-post-from-posterous-38">Julian's posterous</a> </p> 
</div>    

It's horrible. Apart from the ending footer (which you can see defined in the Posterous autopost config image above) it's a bunch of naff-looking HTML encased in a <div> element. And there are those nasty empty <p /> elements as well. No paragraph elements per se, but HTML encodings for links and text formats were coming through fine from Gmail. I have no idea which service is adding those funky empty paragraph elements, but I'm guessing Gmail at this stage.

I decided to do the minimum fixing up possible that would work, so at this point you may validly throw up your hands in horror at the code: yes, it'll break at the merest change from Gmail or Posterous.

    public string FixUpPosterousText(string postBody) {
      // Posterous posts have embedded <p /> for blank lines
      // They also are embedded in a div with class posterous_autopost
      var fixedText = postBody.Replace("<p />", "</p><p>");
      fixedText = fixedText.Replace("<div class=", "<p class=");
      fixedText = fixedText.Replace("</div>", "");
      return fixedText;
    }

In essence, replace all those nasty <p /> elements, change the <div> to a <p> instead. I left the class name present for future use, although I can't imagine what for at the moment (it's only applied to the first paragraph of course). Another possibility for this method is to extract tag information from the main body of the post from some specially formatted text, but that's a job for another free evening.

Those small changes were enough to produce valid HTML that displayed well with the look and feel on my blog from a (fairly simple) email sent using Gmail to Posterous.

Share it:                

Found this site this morning: Petavoxel, a brand new blog that so far seems to talk mostly about the hardware aspects of photography, especially about why the rush for more megapixels in a point-and-shoot camera is an exercise in stupidity.

The most interesting from a visual aspect is this article: it shows a crop (not magnified or otherwise distorted) from a photo taken by an ordinary point-and-shoot (I so want to abbreviate that to POS -- Must. Stop.). The artifacts from the ultra-tiny pixels on the CCD are all too obvious once the rest of the photo is ignored and hidden.

From a technical viewpoint, this article is equally as interesting: it lays the groundwork as to why the image from the previous article is so bad. His latest article states that you should be looking at cameras with sensors that have pixels greater than 2 microns in size.

The summary is this: putting more megapixels in a point-and-shoot camera is a waste of time (the author goes even stronger, he calls it a marketing fraud); the reason why the best photos come from a DSLR is not necessarily because of the bigger, better lenses, but because of the bigger sensor.

Posted via email from Julian's posterous

Share it: