Mark Gilbert's Blog

Science and technology, served light and fluffy.

Curse those bugs

I can honestly say that my day as a software developer is going FAR better than some others out there.

Curse those bugs

Source: https://news.google.com

July 8, 2015 Posted by | General, Software Process | Comments Off on Curse those bugs

Pixie Password Policy

One of our recent movie acquisitions was The Pirate Fairy, the fifth in Disney’s "Fairies" series, which shows Tinker Bell’s origins and develops the entire Pixie Hollow universe.  Don’t let the fact that these have never been in the theater* fool you – these movies have good stories, have great characters, are well-cast, and they’re funny!

"The Pirate Fairy" is about a dustkeeper named Zarina.  Pixie dust, you see, is what enables the fairies (and anything else) to fly, and it’s up to the dustkeepers to manage and distribute it.  Up until this movie, we know about two major kinds of dust – the golden pixie dust that you see getting sprinkled on everything, and a much rarer blue dust.  The blue dust is so rare and precious, in fact, that the dustkeepers actually keep it in a locked vault.  All of the dustkeepers apparently have the combination because one of the earliest scenes is of Zarina pulling "blue dust duty", which involves her and her boss, Fairy Gary, opening the vault to take some of the blue dust out for use.

Now, Zarina is not just any dustkeeper.  She’s an inquisitive dustkeeper.  A VERY inquisitive dustkeeper.  In her spare time, Zarina has been running a few, shall we say, "unsanctioned" experiments with pixie dust, trying to learn more about what it can do.  When one of her experiments gets away from her, Fairy Gary fires her.  She packs up her things, and leaves Pixie Hollow.

A year later, she returns during a festival where all of the fairies are gathered at the stadium, and puts all of them to sleep using poppy pollen – all except our heroes, of course.  She then proceeds to open the vault and steals all of the blue pixie dust.  I won’t ruin the rest of the movie for you, but it does have a happy ending.

***

What I’m going to focus on, though, is actually Fairy Gary and his lack of good password policies.  Let’s start with the sheer number of people that know the combination to the vault holding probably the most precious thing in all of Pixie Hollow.  How many dustkeepers do you have in your employ, Gary?  Do they ALL really need full admin rights?

And then there’s the fact that you haven’t change the combination to the vault in at least a year.  Even if Zarina hadn’t left, good password hygiene demands that a combination like this should be rotated every couple of months – at the minimum.

But then you fired an employee with full admin access.  That event alone should have triggered an immediate change to the combination.

And do I really need to even ask?  We’re only talking ONE combination to be changed here.  How much effort does it really take to change and distribute the new combination, really?

Sigh.  All this trouble could have been thwarted had Fairy Gary just used some basic system administration best practices.

 

* Well, almost never – accordingly to IMDB, Tinker Bell and the Lost Treasure apparently spent a week in the theaters in LA, just long enough to qualify for the 2010 Oscars.

May 6, 2014 Posted by | General | Comments Off on Pixie Password Policy

Two-word searches

Years ago I came across a game you could play with Google where you tried to find a two-word search that would turn up exactly one result.  The fun part of this game was that once you found one of these magical searches, you’d post it somewhere on the ‘net, and then after a little while Google would come along, crawl your post, and then *poof*, there would be two results for that pair of search terms – the original and your port – thus making your find very short-lived.  I tried a few crazy searches of my own, seeing if I could stumble upon one of these, but I wasn’t ever able to.

Fast forward several years.  I was troubleshooting an NHibernate issue I was working on, and I did a search using two terms, and it came up with exactly one hit:

Google Results

I ran this search on December 10, and at the time the link returned a 404.  Google has updated since then to remove the search result, so re-running the search for these two terms turns up 0 hits now.

Short-lived, true, but hey, I finally found one!

December 20, 2013 Posted by | General | Comments Off on Two-word searches

Psych & Human Research 101

John Scalzi (a sci-fi novelist and blogger that I’ve followed for years) recently wrote an amusing post earlier this week titled "Okay, Well, That’s Nice to Know".  In it, he finds that a site titled WhatDoesTheInternetThink.net reports that 89.7% of the Internet has a positive view of "John Scalzi".  This intrigued me.  I mean, don’t get me wrong, I’m part of that 89.7%, but what exactly is this site evaluating to come up with that number?  Without any extensive digging, I found that the footer contains this line:

"The engine is still in beta and Bing’s results may vary per day. Last update: january 25, 2013"

It seems likely, then, that what is happening is that your search term gets run against Bing, and those search results are parsed and analyzed for articles that are positive toward that search term, ones that are negative toward them, and a third group that are "indifferent".  Tally up the articles, and you get your three percentages.

What was really interesting about this was how various search terms would be evaluated.  For example, searching for "obama":

Obama

Turned up a mostly negative response, but if you searched for "president obama":

President Obama

The response was overwhelmingly in the other direction.  That got me thinking that perhaps articles that were written and referred to the President as merely "Obama" were more likely to be negative in their view towards him, but if they referred to "President Obama", then they were more likely to be positive.  Let’s try another polarizing name – "clinton":

Clinton

Ooh, but wait – there are TWO Clintons in politics in the news.  Perhaps their results are being mashed together by the internets:

Bill Clinton

Untitled

Certainly not definitive, but it looks possible that the results for "clinton" were an average of these two.  Now, let’s add their titles:

President Clinton

So far so good for my theory.

Secretary Clinton

A "No results" message was also intriguing, and the "Why’s This?" link explains it:

Secretary Clinton Why No Results

So, clearly they have some more content curation to do.  At any rate, this got me thinking about the possible ramifications. 

To be fair, I don’t claim to be making some unbelievably wise observation here: not only was this discrepancy picked up by one of Scalzi’s commenters, and I’m sure this is Psych & Human Research 101. 
    
I also am not claiming a causal relationship here – there simply appears to be two phenomena that coincide – presence or absence of titles and ratings.

If you were conducting a political survey, it would appear that how you referred to the target person – either with their title or without it – could skew the results in one direction or another.  The title conveys a sense of accomplishment and honor, things that when they are used in a question may get you to phrase your response a little differently:

What do you think about Obama’s health care plan?
What do you think about President Obama’s health care plan?

Again, probably Psych & Human Research 101, but still interesting.

And just for the record, the jury is still out on me:

Mark Gilbert

Don’t rush.  I’ll wait.

February 6, 2013 Posted by | General | Comments Off on Psych & Human Research 101

1337 Tests

My primary project hit a milestone today:

1337

There should be a medal for this kind of thing, don’t you think?

August 9, 2012 Posted by | General | Comments Off on 1337 Tests

Experimental road work ahead

On Saturday, I repaved my machine – completely reformatted and reloaded the OS and all software.

I didn’t decide to do this until Saturday morning.  The night before I had tried to get my Kinect hooked up as a web cam for use with Skype.  I mean, it’s a video camera, right, how hard could it be?  Famous last words.  As it turns out, the Kinect camera doesn’t register itself with the OS in a way that Skype can recognize it as a web cam.  Then I found a guy who wrote a shim called KinectCam.ax that addresses this very issue.  The .ax file is a binary that needs to be registered with the machine, and after several failed attempts, I finally managed to get it registered.

But Skype STILL wouldn’t recognize that a camera was attached.

This was the latest in a line of things I’ve tried to do with my machine over the last couple of years that hasn’t worked despite my best efforts.  I didn’t have the stomach to sit through another marathon debugging session, so I purchased a Logitech web cam and hooked it up to my wife’s computer.  Within 15 minutes we had the camera hooked up and working, and were happily Skyping away.  To be fair, I did not try to hook the Kinect up to my wife’s machine, or try to register KinectCam.ax on it.  It’s entirely possible that it would have worked on her machine.  But on that Friday night, I hated computers.

I woke up Saturday morning with a fresh thought.  I’ve had many more things not work on my machine than on my wife’s machine, and the main difference is the edition of Windows 7 – hers is 32-bit while mine is 64-bit.  Perhaps if I had 32-bit on my machine, I wouldn’t have as many problems.  So, I decided to repave it, and load Windows 7 32-bit.  This would be my first of three experiments – how big a deal it is to load various pieces of software onto my machine?

Since I was starting fresh, I decided to scrap another piece of my original master plan.  When I first loaded Windows 7 on this computer, I actually installed it twice – the first was the "base" OS, and then I loaded a Windows 7 virtual image on top of it.  My thought was that I could periodically save off the virtual image, with all of my software and configuration settings, to an external hard drive.  Then, if I ever needed to reformat my machine, I just load the base OS, copy the virtual OS file image over, and fire it up.  Voila!  Nearly-instant computer.  While I did periodically back my virtual image up, I never found a need to reload it.  And because the virtual image was, well, virtual, I was losing out on at least some of the power of my machine.  So this time, I just installed a single copy of Windows, right onto the metal.

Now, because I’ve loaded Windows 32-bit rather than 64-bit onto the metal, I’m losing out on almost half of the 6GB of RAM in the machine, but this leads to my second experiment – how does Windows 32-bit running on the metal with 3+ GB of RAM compare to 64-bit running virtually with 6GB of RAM?  The answer so far appears to be "slower".  My screen saver of choice for many years now has been SETI@Home.  Last week on 64-bit / 6GB, it would run very smoothly, and with no noticeable jerkiness.  Now, with 32-bit / 3 GB, it is VERY jerky.  In fact, the animation comes to a stop every few seconds.  Since the processor in both of these tests is the same, I can only conclude removing almost 3 GB of available RAM is the problem.  SETI@Home isn’t a primary application for me, so I can survive if that’s a bit slower.  I’ll have to see how various games like LEGO Harry Potter perform.  I may decide to go back to 64-bit before this year is out, which leads me to my third experiment…

How little software can I get away with loading?

For many years now, I’ve maintained a growing list of software to install on my computer.  I’ve averaged about one full reload – either a work machine or a home machine – every year for over a decade.  In having to do it about once a year, it quickly became apparent that I couldn’t keep track of all of the various utilities, applications, and tools I use, let alone the order that they need to be installed in, where to find them, or what the keys are for each.  I started a document to track all of that.

My work machine is definitely a beast when it comes to things I use on a regular or semi-regular basis – so much so that if I started from scratch, and even if I had everything at hand, it would still take me the better part of two days to reload my machine.  My home setup isn’t much better.  I didn’t want to go through that this time around.  I decided to load just what I knew I would need to use in the next two weeks, and the rest of the list will be loaded on an as-needed basis.

The upside here is that it drastically cuts down on the time needed to install the OS fresh.  That means that if I do decide to reload Windows 64-bit, I’ll only be out a few hours.  The possible downside is how annoying it may be to load something new up when I discover I need it.

***

The other thought that has been in the back of my mind is how much of what I use on my machine could actually be put in the cloud?  Already, I use cloud-based applications for email, a personal wiki, calendaring, my contact list, and so on.  If I could push more of what I do into the cloud, it means less computer is needed, and a much faster reload time.  Of course, the cloud has its own drawbacks – if you can’t connect to the interwebs, you’re sunk.

Baby steps, Mark.  Baby steps.

July 11, 2012 Posted by | General, Tools and Toys | Comments Off on Experimental road work ahead

Moments of weird, cool pause

Last week, my family and I drove back from Florida.  We broke the driving up over three days, and stayed at the Great Wolf Lodge in Mason, Ohio.  For those of you not familiar, Great Wolf Lodge (GWL) is an indoor water park and resort.  We stayed at the one in Sandusky, Ohio last year, and the girls loved it.

GWL hands out colored wristbands that you need to wear while you are at the hotel and water park, to let the staff know you had really paid to be there.  Last year at Sandusky, our room key was a standard credit-card sized piece of plastic you swiped.  This year, we found the room key was actually an RFID chip embedded into the adult wristbands (the girls just got straight plastic ones).  Apparently they rolled this out starting in 2006, and have been upgrading their resorts over the years (here is an RFID Journal article about this from 2006).

In addition to opening your hotel room, you could charge things to your account by letting the cashiers at the various stores and restaurants scan your wristband (and ask for your last name as a confirmation).  Even the external doors to the building had RFID readers that would unlock the doors when it scanned a valid wristband.

It meant you never had to take anything else with you while you were in the building – no keys, no wallet, no plastic credit-card key.

Science fiction stories abound with people being able to identify themselves, tie into their bank accounts, etc., with nothing more than a retina scan, or a chip embedded into their hand, or even their DNA.  No one loses their keys or drops their wallet in a science fiction story.

That’s what this felt like.  A science fiction story made real.

And I felt naked.

I’ve said for a while that I would love to have a computer embedded in my body so that I could unlock doors, start my car, pay for things, take a cell call, send an email, and pull up the news – all without any external devices.  However, I can’t help but think I may not be able to surmount the weirdness that would go with it. I would love the convenience, but I’m sure each time there would be a moment of "boy this is weird and cool!"

I wonder if my kids – or my grandkids – would have any such moments of pause if this became commonplace in the next 20 years?  Probably not.

June 28, 2012 Posted by | General | Comments Off on Moments of weird, cool pause

Flowers, puppies, and beaches

This past week, someone posted photos from Christina Hendricks’ hacked phone.  Before that, it was Olivia Munn and Scarlett Johansson.  After the first couple of announcements like this, you’d think people would stop taking pictures of themselves in varying states of undress using a phone that could just as easily be left on a café table as hacked.  Maybe they like the publicity.

But here’s something to think about.  How many celebrities out there DON’T do this?  How many of them just use their phones to take pictures of flowers, puppies, and beaches?  Then, when some miscreant hacks THOSE phones and doesn’t find anything scandal-worthy, they just delete the stolen images and move on to the next one.

March 5, 2012 Posted by | General | Comments Off on Flowers, puppies, and beaches

Type-writer

Many years ago, at my former company, I took the Myers-Briggs Type Indicator, or MBTI, personality test.  I relieved to report that I’ve passed this test every time, so you can be assured I have a personality.  For a more serious overview of the MBTI, please visit http://www.myersbriggs.org.

I think I’ve gone through this exercise four times in my life, and the result has been the same in all cases – INTJ.  There is a lot of meaning behind those four letters, but the points that I frequently come back to are these:

  1. The "I" stands for "Introvert", which despite popular belief does not mean I shun other people.  Rather, being around large groups of people is exhausting for me, while interacting with small groups or just being by myself is frequently energizing.  An extrovert would tend to react in the opposite manner in these cases.
  2. The "N" stands for "Intuitive" and "T" for "Thinker".  One of the traits of an "NT" is the ability and drive to constantly improve upon everything around them in the pursuit of perfection.

I most recently went through the MBTI evaluation this past week, and to my great surprise, I found I have apparently mellowed with age.  All of the previous times taking this test showed an incredibly strong preference for all four aspects of the type – I would usually peg at least two of the letters at the end of the spectrum, and the other two would be close behind.  This time around, the INT all showed moderate or weak preferences (the J was still in the nearly 90 percentile).

What do I make of this?  As far as the "I" goes, I don’t run screaming when a party invite comes across my desk.  I might still come home and feel exhausted afterward, but I don’t (as frequently) use that as an excuse to avoid them.

As for the "NT", I don’t try to achieve perfection as much any more. I might still aim for it, just so I can say I got "in the neighborhood" of being perfect, but I can still ship something at the end of the day.  Looking back, I definitely see a change in how I approach a software release now versus even 5 years ago.

At any rate, if you’d like to take the test, go here first: http://www.humanmetrics.com/cgi-win/JTypes2.asp.  Then visit the Myers-Briggs Organization’s site for information on the 16 possible types.

December 5, 2011 Posted by | General | Comments Off on Type-writer

GE Flyover

GE has a phenomenally cool way to showcase some of their production facilities – flyovers with a camera mounted to an R/C helicopter.  Check it out on their YouTube channel:

November 19, 2011 Posted by | General | Comments Off on GE Flyover