The Knight Foundation and Mozilla have joined forces to help the media adapt to the evolving technology landscape. After an open idea challenge, 60 hackers and journalists were selected for a month long Learning Lab. I somehow managed to sneak into this elite club with my two cents here and here.
The Learning Lab is going to be a series of webinars from some of the most respected names in technology and journalism. Here is a list of Twitter handles of the organizers and speakers. Below is a google calendar showing the webinar timings (PST).
Wanna see how wacky it will get? Check out the video from the most colorful moderator ever – Jacob Caggiano.
Can’t wait till Monday …
A quick post to get subclipse working on Eclipse 3.5 on Karmic Kola. We are doing a group project for our CS-480 Database Systems with 7 team members. Obvious choice was google code as Min and Ali had used it in previous semesters – familiarity is a strong motivation not to select your CASE tools (read github for SCM) when your grade depends on meeting the deadline. 😀
Min mailed us a comprehensive document on getting subclipse working with code.google.com – but I stumbled across getting it working in Ubuntu – the well known problem of gnome-keyring and JavaHL ate up the last 2 hours.
Once you’ve installed subclipse 1.6.x in Eclipse and would like to jump off to checkout code for your favorite open source project – you’ll hit hard by messages similar to these:
Failed to load JavaHL Library.
These are the errors that were encountered:
no libsvnjavahl-1 in java.library.path
no svnjavahl-1 in java.library.path
no svnjavahl in java.library.path
java.library.path = /usr/lib/jvm/java-6-sun-220.127.116.11/jre/lib/i386/client:/usr/lib/jvm/java-6-sun-18.104.22.168/jre/lib/i386:/usr/lib/xulrunner-addons:/usr/lib/xulrunner-addons:/usr/java/packages/lib/i386:/lib:/usr/lib
Nice as people are in FOSS world, it’ll also point you to the documentation JavaHL wiki to fix this. While it gives you the basic steps required – but distro-specific details were missing. So here are the quick steps.
1. Install libsvn-java using Synpatic or from the commmand line sudo apt-get install libsvn-java
Edit the eclipse.ini file in your eclipse directory to add
to tell Eclipse where to look for all Java SVN bindings
3. You also need to tell gnome-keyring to shut the f* up and let subclipse work. For this you keep your password-store as blank. Edit the svn config file located in the .subversion directory of your home directory by adding
### Set password stores used by Subversion. They should be
### delimited by spaces or commas. The order of values determines
### the order in which password stores are used.
### Valid password stores:
### gnome-keyring (Unix-like systems)
### kwallet (Unix-like systems)
### keychain (Mac OS X)
### windows-cryptoapi (Windows)
I also disabled gnome-keyring using the gconf-editor (navigate to /apps/gnome-keyring/daemon-components uncheck SSH and PKCS11) – but not really required I guess.
(Re)Start Eclipse. You should now be able to checkout your project.
Ummm, how much of the school’s project did I complete this morning? None really :P.
Next step is getting Apache Derby working.
During the college days, I had much fun doing the dumbest things which had absolutely no hope of finding any practical application – but just made me feel good. To bring back the good times, this weekend I thought of doing something similar.
Have you ever:
- Felt getting sms reminder from your Google Calender makes you more efficient
- Felt the need what’s going on in your server when you are not looking at it
- Felt Python is the neatest language around
Wondering what’s common in the three of them? How about using Google’s free sms service to get updated about the health of your server? Google’s gdata api allows you to do that, just with a few lines of python.
What’s the big deal about that? Nagios already has that feature, you might say! But unfortunately, I’m using windows these days, and all the free sms gateways in India are worthless.
Peeped into the sample in the samplescalendar folder, and took out the required part from the calendarExample.py and made some little changes, and it was done. Here is the script.
The script isn’t really good and just checks if the Remote Registry Service is up or not. But with more love, cool things (like sms alert on unauthorised access, low isk space etc.) can be done.
However, to remove the ugliness of the script, firstly the hardcoding needs to go.
start_time = time.strftime(‘%Y-%m-%dT%H:%M:%S+05:30’, time.localtime(time.time() + 600))
where +05:30 indicates my time zone, ie IST and the 600 seconds, the time lag between the running of the script and the creation of the event. The sms reminder is sent 1 minute before the event begins, making the time lag 9 minutes.
But more importantly, there should be saner way of passing a password to a script. I had my dad’s cell registered with a less important google account and scheduled a .bat file in Winodws Scheduler that calls the script to set events every 10 minutes. Unfortunately, he did not enjoy it as much as I did.
Scripting is an art. Nifty and subtle, wicked cool scripts can weave magic, and startle compiled languages. When it comes to getting yet-another-pesky-job done, that scripting languages are your friend.
The batch scripting language, is one of the ways Windows operating system offers for writing small scripts without the need of installing any additional language support. It is somewhat limited with multiple short comings that does not make it fun. However you can still get some interesting stuff done with it. Below are some pesky jobs that can still be done with batch scripts.
Pesky job 1 : Map a network drive
net use N:| find “OK”
if errorlevel 1 net use N: \servernamepath$ ******** /user:******* /persistent:yes
This will check if the drive N is mapped or not; in case there is an error, it will map servernamepath with proper username/password values and keep this map persistent across reboots.
Pesky job 2 : Copying files with a time stamp
Say we want to copy a few files from one directory to another file to another with the current date stamp, it could be a simple
copy help.txt Desktop%date:~10,4%%date:~7,2%%date:~4,2%-chgs-1.txt
Truly ugly? Quite right.
Normally the date command would output
C:Documents and SettingsTatha>date
The current date is: Mon 11/17/2008
Enter the new date: (mm-dd-yy)
To use the date-stamp say in an echo statement, put the command with in percentage signs. to extract part of the time stamp, the command should be followed with a “:~offset, number_of_characters”. For example
C:Documents and SettingsTatha>echo %date:~0,14%
So, the copy command above would create a copy the help.txt to the path C:Documents and SettingsTathaDesktop with a name 20081711-chgs-1.txt, on 17th November 2008.
But wait, this wont work in a Windows NT box. Seems like the automatic variables DATE and TIME were not implemented until windows 2000, so if you want a time stamp in an NT box you should
time /t >> file.txt
Pesky job 3 : Starting and stopping windows services gracefully
Another glitch when running newer bat scripts in Windows NT, that I came across is controlling Windows services. Consider the following snippet to stop a service named SomeAppServer or someappserver in a Windows Xp box.
net start | find “SomeAppServer”
if errorlevel 1 goto STOPPED
if errorlevel 0 echo %date% %time% Attempting to Stop SomeAppServer >> log.txt
start /wait net stop “SomeAppServer” >> log.txt 2>&1
if errorlevel 1 echo %date% %time% SomeAppServer could not be stopped >>log.txt
echo %date% %time% SomeAppServer is stopped >> log.txt
echo — >> log.txt
However, in case the name of the service is someappserver, instead of SomeAppServer as written in the script, it would fail to stop the service in a Windows NT box. NT treats the service names as case sensitive and you need to supply exactly as it is listed.
Here are some good resources for batch scripting
C:Documents and SettingsTatha>wmic /output:C:ProcessList.csv path win32_process get Caption, Processid, workingsetsize /format:csv
On opening ProcessList.csv, I could find 6 processes has been listed, the total memory consumption was 94740480 or 94 MB.
When you switch between the tabs – you’ll find the a few tabs will come up quickly, however the ones opened a soometimes back – will take some time to get rendered, but the delay is nothing unacceptable.
A wonderful and feature is you can add shortcuts to web based applications directly to the Windows Start menu or quick launch bar. Think of it – you’ll be able to open gmail, Google docs, Google notebook directly from quick launch bar the same way you open Outlook, Microsoft Word, etc. This will be a great help for low cost desktop computing projects that are trying to replace costly desktop apps with freely available web based alternatives.
For those, who couldn’t start working without installing Fullerscreen with Firefox and the look a clean and lean look and feel is like a gift long held in waiting.
Life has not been that interesting to produce further gibberish adage for the last few months. At work I’m looking into a plethora of antediluvian technologies – but still putting up to learn the new ones.
My white paper titled Security Concerns with Web Services was warmly appreciated and got published our internal knowledge net. Though, I cannot publish it anywhere else … I surely can share the helpful tools that I used to detect web service vulnerabilities.
With the tools listed below, some imaginations and a desire to have fun – you can really have a good idea about web services security.
Tools for studying Web Services Security
- WebGoat is an insecure J2EE application that provides a number of lessons for practicing commonly known security exploits.
- Soap UI is a popular SOA and Web Services testing tool with a number offeatures like web service client code generation, mock serviceimplementation, and groovy scripting.
- WS Fuzzer is a fuzzing penetration testing tool used against HTTP SOAP based web services. It tests numerous aspects (input validation, XML Parser, etc) of the SOAP target.
- WebScarab is a framework for analysing applications that communicate using the HTTP and HTTPS protocols.
- LiveHTTPHeader is a mozilla plugin that provides all the information about the browser traffic.
- Cryptcat is a lightweight version of netcat with integrated transport encryption capabilities.
- Fiddler is a HTTP Debugging Proxy which logs all HTTP traffic between your computer and the Internet. Fiddler allows you to inspect all HTTP Traffic, set breakpoints, and “fiddle” with incoming or outgoing data.
- TcpMon is a utility that allows the user to monitor the messages passed along in TCP based conversation.
- cURL is a tool to transfer data from or to a server, using one of the supported protocols (HTTP, HTTPS, FTP, FTPS, SCP, SFTP, TFTP, DICT, TELNET, LDAP or FILE). The command is designed to work without user interaction.
Most of the above tools comes with neat documentation, so have fun!
“How does it feel
How does it feel
To be on your own
With no direction home
Like a complete unknown
Like a rolling stone?”
I lost it. I lost it all.
Three years of electronic ranting, tales of code, help, pride, use, abuse, love, hate, lies, videos, pdfs, – fuck, the list is endless! It surely justifies taking a sick leave …
Andrew Grove says Only the paranoid survives. But he never says getting hyper-paranoid for survival. Well, no regrets brother – just lessons.
If you happen to have no clue which loss I’m talking about – you hardly know me. Its my google account – I forgot the password for it. The big G is the spinal cord of your online existence – once you snap from it your gmail, blog, orkut, notebook, reader, docs everything refuses you as if you are some sort of a beguiler trying to steal the free services and be the next spam superstar!
Every loss makes you wiser. Its like a tool that refreshes the the old, and paves the way for the new change. So …
“Turn the clock to zero, boss
The river’s wide, we’ll swim across
Started up a brand new day
It could happen to you – just like it happened to me
There’s simply no immunity – there’s no guarantee
I say love’s such a force – if you find yourself in it
And sometimes no reflection is there“