It’s no secret that WEP and WPA can be cracked, WEP in less than a minute. Security guru Bruce Schneier recently wrote that his own home wifi network is open - no password, no encryption. My packet filtering freeBSD server’s power supply started making a lot of noise and I decided to turn it off for good. Moreover, I turned off WEP at the wireless router.

My old Netgear router doesn’t support the new and more robust WPA standard, and WEP provides almost no security: there is nothing to be gained by enabling it. No more dealing with hex keys. It’s easy for friends and family to drop onto the network when they come over. Likewise, new machines are easy to configure.

What’s the worst that could happen? I live in the suburbs. The idea of someone sitting in a car, in the Colorado cold, stealing my connection isn’t a likely scenario. And if it they did, so what?

More likely, a neighbor would connect to my network - probably inadvertently - and steal band width from my connection. Unless my network is running slow, I’m not really worried about this.

But what about our family’s computers and data? We have several Linux/FreeBSD boxen, and two Macs. Our wireless router is no less secure than any of the free wireless hot spots I connect to: the airport, cafes, office park free wireless, etc. We simply take the same precautions at home we would take at a public wifi connection.

A few simple things should keep your data safe:

1. Keep your computers up to date.
2. Use a safer browser, like Firefox.
3. Don’t enter any data you care about - passwords, web forms, etc. - from a web page that is not being served over SSL (https in the url).
4. If you use an email client, make sure you use SSL to pop/imap your mail.
5. Encrypt any sensitive data on your machines.

Make sure you do the above when you use a public wifi connection.

I do a couple other things, that won’t stop anyone in the know from using my network, but will keep the neighbor kid from accidentally using my printer.

• You can use access by mac address to white list your computers. This can be easily spoofed, but will prevent anyone from ‘accidentally’ connecting to your network.
• Turn off (or disconnect) your printer when you’re not using it.
• You don’t have to broadcast your SSID.
• Check your wireless router’s log files.

References

Cracking WEP and WPA Wireless Networks

Bruce Schneier. My Open Wireless Network

Genki Sudo retired from mixed martial arts two Decembers ago, after seeing a sign in a urinal saying “one step forward.” Genki is not only a tremendously gifted fighter, but he’s one of the greatest entertainers in the fight business. Check out his amazing entrance in this video - compared to the standard thug like entry to some crappy rap-metal, complete with black hoodie and angry stare. Note how calm he remains fighting off his back, the respect he pays his opponent, and the trademark “We Are All One” flag he flies at the conclusion of every fight.

Good luck to Genki wherever the future takes him. As a fan, I’ll miss his ring antics and skill.

I’ve tried using Grip and other GUI CD ripping tools. They are much too complicated and unpleasant to use. I found a great command line tool for ripping CDs: abcde, A Better CD Encoder. You can easily rip to flac, ogg, or mp3 format - even all at the same time. It queries the CDDB database, and is easily configured from a single - well commented - file. It’s available in most of the Linux distros, or you can install it from source. If you need a full featured, yet easy to use ripper, look no further than abcde.

Once installed, insert and mount a CD; type abcde -o mp3; abcde will prompt you to confirm the CDDB settings, and you’re done.

I wanted to install Open Office on my Xubuntu laptop, but since I’m already using the Sun Java JRE - a requirement for Java development, I don’t want to install the excremental GCJ (GNU Compiler for Java Runtime). Aptitude wants to install gcj-4.1-base gij gij-4.1 libgcj-bc libgcj-common libgcj7-0 libgcj7-awt libgcj7-jar and other sundry gcj packages. I prefer to manage my SDKs/JREs outside of APT.

I’m also not interested in any of the so-called desktop integration Ubuntu uses; I use fluxbox and it’s easy enough to add soffice to the root menu.

The Linux download of OpenOffice.org includes RPMs. Here’s how to install it on a Debian derived system - like Ubuntu.

Make sure you have Java installed

  $ java -version
  java version "1.6.0_01"
  Java(TM) SE Runtime Environment (build 1.6.0_01-b06)
  Java HotSpot(TM) Client VM (build 1.6.0_01-b06, mixed mode, sharing)

Download OpenOffice.org

Download OpenOffice.org (currently version 2.2.1) for Linux, without the jre, from: OpenOffice w/out JRE

Untar the download someplace.

Navigate to the RPMS directory.

Use the alien program to convert the RPMs to deb packages.

 sudo alien --scripts --keep-version -d *.rpm

 sudo dpkg -i *.deb

(If you don’t have alien installed, sudo aptitude install alien first)

OpenOffice.org will be installed in /opt/openoffice.org2.2

Start OpenOffice.org with /opt/openoffice.org2.2/program/soffice

UPDATE: 8 February 2008

Sun SDK 6 is now available in the Ubuntu repositories. Here’s how to back out the above, if you’d like to return to a solution under package management:

Install the Sun Java 6 SDK

   sudo aptitude install sun-java6-jdk

Get rid of the Open Office install we did above:

  sudo aptitude purge openoffice.org-core

(Accept aptitude’s ’solution’)

Install OpenOffice from the Ubuntu repository:

sudo aptitude install openoffice.org

Now your OpenOffice install is managed by Ubuntu, and you still didn’t have to install the grotesque GCJ. Life is good.

Debian releases are few and far between, irritatingly so. It’s great news to see that Debian 4.0 - named ‘Etch’ - was released 8 April 2007. It looks to have plenty of good upgrades, including Xorg, udev, etc. See the release notes for details.

For annoying political reasons, Debian doesn’t include Mplayer. See the Multimedia Debian Packages for a solution. Kudos to Debian for this milestone.

If your searching for a rock solid, well thought out, free operating system. Debian is a great choice.

My shoulders are burning and I can hardly hold my hands up. Each time I punch the heavy bag, my feet slip backwards in the puddle of sweat which is dripping off my body. I steal a glance at the timer. Barely a minute has passed, two to go. Guy on my left continues to murder the bag. Each one of his punches is accompanied by a loud “pshhh” of air as he forcibly exhales through his mouth guard. Rhythmically, “pshhh, pshhh, pshhh.” The bag he’s hitting bounces up and down, rattling the chains it hangs from, shaking the I-beam frame that runs along the ceiling, and violently swinging the bag to the right from the power of his left hook. I try to concentrate on the drill - left jab, straight right, left hook - “pshh, pshh, pshh”. I’ve never been so tired.

The gym is located at one end of a non-descript strip mall. It shares an entrance with a used bookstore/video rental shop. Customers of either business are greeted by a life size, black and white cutout of a young Mohammad Ali attached to the entry way wall. The glass door on the right leads to the gym.

The the walls of the gym’s small entry area are covered in newspaper clippings, photographs, and posters of boxing events. The posters are mostly in French, and from the 1980’s. Ali, the gym owner, greets me with a gentle handshake. His French accent is thick and he doesn’t look much different than the spry kickboxer on the posters from almost 20 years ago.

Ali explains to me that street shoes are not allowed on the training mat – the red, grey, and blue soft vinyl that covers the gym floor. I can kickbox bare foot, but he’d like me to get a pair of wrestling shoes, which are like boxing shoes, but easier to find. Ali took a pair of 16oz training gloves, two blue handwraps, and a jump rope from a cupboard in the gym office and handed them to me. “Ask Danny to show you how to put on the wraps.”

The office is separated from the gym by a floor to ceiling window. I could only see one guy in the gym, stretching and pacing, waiting for class to begin. Ali got up and walked to the office door, “Danny, show Kenneth how to wrap his hands.” I said thanks as I took my new stuff out of the office. Ali reminded me to always sign in before working out, and that I could not workout more than three times per week.

Danny walked over as I unrolled one of the two blue elastic handwraps. They are twice as long as I am tall (I learned later that Mexican style wraps are 180 inches, or 15 feet, long). He showed me how to hook the loop at the end of the wrap over my thumb and wrap around my wrist, over my hand, through each finger, again over the knuckles - to pad the punching surface, and ending with several wraps around the wrist. He explained that the wraps are to protect the small bones in your hands and fingers, and to keep your wrist from getting sprained. I wonder to myself protect from what?, and I nervously hope we aren’t going to be hitting each other that hard, at least not on my first day. It feels neat to have my hands wrapped up and I’m eager to see how it feels when I punch something.

As I finish wrapping my hands, a few other guys show up for practice. I notice I’m the only guy without a bottle of water. Ali walks across the gym floor and turns on a large digital clock on the wall. The speaker on the front of the clock emits an oddly distorted digital imitation of a bell ringing and everyone begins jumping rope. I look at the clock; it says 2:58.

The ceiling is low, so each turn of my rope hits the acoustic tile above me, knocking a small piece of fuzz loose that slowly floats to the floor. By the time there are six pieces of ceiling fuzz on the ground around me, Ali comes over and ties a few knots in my plastic rope, shortening it to the right length. I’m clumsy. Each time I misstep, the stiff plastic rope whacks my second toe - on my feet, the longest toe. As I’m getting started for the umpteenth time, Ali walks buy and says, “You should get some shoes.”

I’ve broken a sweat, my calves are starting to burn, and my two long toes feel like I’ve stubbed them on the curb. The clock emits a rapid series of digital bell rings and I stop jumping. Everyone around me speeds up. Some of the guys are doing double unders, turning the rope twice around each jump. I look at the clock and it reads 00:30. Thirty seconds to go. I figure out that you are supposed to sprint at the end. I start again and hit my toes three more times before the digital bell rings and Ali says, “Time. Stretch out.”

Everyone drops their ropes and starts doing basic stretches or sipping from their water bottles. A young Latino guy says, “Hey, I’ve got an extra water. You want it?” I nod, and gulp down at least a pint. Before I can get the cap back on, the timer squawks its distorted bell and everyone is jumping rope again. I’m too winded to say thank you. This continues for four rounds. By the end of the fourth, my toes don’t bother me because they are tingling and numb. My shorts and shirt are completely sweat soaked. Ali says, “gloves.” And the guys all head into the locker room. I head to the bathroom to refill my now empty one liter water bottle. As I’m putting on my gloves, Ali produces a felt pen and marks them with my initials.

We form a loose circle around Ali, and he pairs us up, nodding and waving his glove with a quiet, “go with him.” I get paired up with the guy who gave me some water. He tells me he’s new too, which is a bit of a relief. Ali beckons one of the guys over with his gloved hand. The student, fit and crew cut, is wearing a mouth guard and colorful Thai boxing shorts. He looks tough. Ali shows us, slowly at first, that we are to round kick to the middle with the right leg, jab with the left hand, and punch with the right. He does this combination two or three times, each time faster. The last time, he goes a quite a bit harder and the guy is actually getting knocked around by the kick and punches. He tells us to get started.

My partner says, “go ahead” and raises his hands. I have no idea what to do. How do I stand? Where do my hands go? I sneak a look at some of the other guys, raise my hands up near my face, spread my feet apart, and swing my leg gently towards my partner’s middle. I land off balance, and weakly punch: left, right. I try again. This feels awkward. Ali comes by and tells me to keep my hands up, showing me and my partner where to put them. I kick again, but can’t hold my hands up while kicking. I’m wondering if I shouldn’t have signed up for dance lessons instead of boxing.

A few more times and Ali tells us to switch. My partner kicks me with his shin in my side. He asks me to turn the palms of my gloves toward him, and he punches each one - left right. Ali takes my place and shows me how to block the kick by bending my body to lower my arm, and to help my partner punch by meeting his punch with the palm of my hand. It makes a pleasant popping sound when my timing is right and his punches meet my gloves with a snap. We do a few more drills like this - each taking turns for three to four minutes, pausing after each round for instructions and to sip water. I’m using muscles I’m not sure I’ve used before. My hips are tired and stiff. When we’re working on head kicks, I can’t get my leg higher than my partner’s armpit.

At the end of the last round, Ali tells us to take a heavy bag. He demonstrates a simple combination we are going to practice first: jab, right, left-hook. We wait for the timer and Ali tells us to start. He comes around and gives me some help. I’m clumsy and awkward. In between rounds, Ali demonstrates the next combination we are to practice: front kick, right elbow. Low kick, high kick, left, right. And so on.

Ali gives me more help. I’m to focus on the left jab, keeping my right hand up, making sure I’m not too close to the bag. I can use my left hand like a curb feeler, to figure out the distance I need to be from the bag. When the third round is over, I’m gassed. I’ve only been in the gym for 50 minutes.

Everyone takes off their gloves, and get a floor mat from a pile in the corner. We’re going to ‘cool down.’ We start out with 100 crunches, done very quickly. I’m only able, after the first ten, to do every other one. A quick break, and it’s fifty v-ups. My stomach muscles are now failing completely. I can’t do another sit up. We end with fifty “boxer’s situps,” full situps ending with a one-two punch over the knees. I can only do about ten. We do some light stretching, put our mats away and my first hour of Muay Thai is over.

When I get home, I struggle to get my shirt off both because I am sore and because it is stuck to my skin. I was planning on taking a shower, but instead I get my clothes off, crawl into bed, and sleep for a couple of hours.

–June 2006 Colorado Springs

I’m working on an image manipulation program that requires the Ruby ImageMagick bindings, RMagick. I was unable to install RMagick from either the gem, or the Debian package. Building RMagick from source didn’t work either.

The following worked for both a Debian Sarge box, and an Xubuntu laptop. I hope it saves someone some grief.

$ dpkg -l | grep magick
  ii  imagemagick    6.0.6.2-2.7    Image manipulation programs
  ii  libmagick6     6.0.6.2-2.7    Image manipulation library
  ii  perlmagick     6.0.6.2-2.4    A perl interface to the libMagick
  ii  rubymagick     0.1.3-13       Ruby interface for ImageMagick

Get rid of the rubymagick package

$ apt-get remove --purge rubymagick

Install the dev versions of libmagick6 and Ruby 1.8 edit: for Xubuntu, install libmagick9

$ apt-get install libmagick6-dev ruby1.8-dev

Install rmagick from the gem

$ gem install rmagick

You can test the install by running a simple app like this, which will print the EXIF data from an image:

require 'rubygems'
require 'RMagick'

require 'pp'

img = Magick::Image.read('test.jpg').first
exif_data = img.get_exif_by_entry()

pp exif_data

Update:

As of Xubuntu 7.04 (Feisty Fawn), you need libmagick9-dev.

My friend, Mark Woodman, wrote an article about the frustration with shortcuts developers often take. It really hit a nerve with me. I too would bristle at the suggestion to delete an annotation and “get back to work” without first understanding what was the original intention of the annotation and - perhaps more important - what are the consequences and side-effects of it’s removal. In fact, I think I’ve bristled my way out of several jobs over stuff like this.

Shortcuts are almost never about time. It’s about your craft. If your goal is writing good software, it’s not enough to just get it to compile. Any monkey can write code that compiles. It’s about writing software that works as it should. It’s about writing software that can be maintained by other developers. What am I supposed to think when 1/3 of a source file is commented out and there is no comment explaining why? The time someone saved not commenting a hack like this is lost ten fold the instant another developer has to touch the code - to say nothing of the loss of quality.

Software is hard work. But, if it’s your job, it’s not too much to ask for you to become familiar with any API’s you are using. It’s not to much to ask that you learn the idioms and patterns common to the language you are developing in. It’s not too much to ask that you have a greater than passing knowledge of the specifications you are coding to. This is no different than expecting a carpenter to know how to paper a window, a veterinarian to know how to prescribe a stool hardener, or a cook to know how to cut an onion.

What web developer doesn’t have the time, energy, or interest to understand the HTTP protocol? Why can’t I put &’s in my XML data? See the spec. If you’re writing a JSP, print out a handy reference card. You should know how and where to find these things.

Like Mark, the excuse I often hear is, “Who has time for that.” The answer isn’t about time. It’s about interest. It’s about caring about your craft. It’s about character and having the integrity to know when you really don’t have time to do something right, and when you are just taking a lazy shortcut that someone else will live to regret.

preparing polenta is a ritual; eating it like receiving a sacrament. -Marcella Hazan

Although most Americans associate pasta with Italy, the primary staple of the Veneto, Friuli, and Lombardy is polenta. Traditionally, polenta is prepared in an unlined copper pot called a pailo, which hangs from a hook over the middle of the fireplace. Fortunately, preparing polenta today is not nearly such a pain in the ass.

In our family, we often serve polenta as the main course, but it is also a fine accompaniment to many dishes. It’s grilling season now, so think cooled, sliced, brushed with olive oil, and grilled to go with whatever else is on the grill.

Polenta can be served with a pat of butter and grated Parmesan cheese. Or, topped with crumbled Gorgonzola cheese. When I was a cook at Zuni, we served it with a spoonful of Mascarpone cheese.

You can also serve it with a couple of spoonfuls of meat or tomato sauce. Polenta goes with nearly any meat dish, particularly braised beef dishes.

Preparing Polenta

Polenta can be either white or yellow, fine or course. Everyone I know prefers the course yellow meal. Seek it out.

Polenta is prepared using approximately a four to one ratio of water to polenta.

• 4 1/4 cups water
• 1 tablespoon salt
• 3 tablespoons unsalted butter (optional - well, not really)
• 1 cup course grained yellow polenta

Bring the water, salt, and butter to a boil in a heavy bottomed pot. The traditional polenta pot is an unlined copper pot, but a thick steel pot is perfectly acceptable.

Add the polenta to the pot in a slow stream so that you can see each grain of polenta landing in the pot, stirring with a whisk until all the polenta has been added.

Turn the heat down to a low simmer and continue to stir with a whisk. After ten minutes, exchange the whisk for a wooden spoon. Continue to stir for 40 minutes, adding a small amount of water if necessary.

The polenta can be served when done, or placed in an oiled bowl or container to cool. Cooked, cooled polenta will keep for several days and may be sliced, brushed with olive oil and grilled or broiled. Thin slices of polenta can also be used as a replacement for pasta in lasagna like dishes.

Kenneth - Colorado Springs, Summer 2006

I added Influence: Science and Practice to my Amazon wishlist.

Amazon suggests:

An email from a friend with the subject “bad code sample” shows up in my inbox. The smelly code attached is Java code, and the body of the message is empty. Gmail displays the following VB centric advertising: