Project Honeypot

A couple years ago I signed up for Project Honeypot, which is a distributed network of fake email domains set up to catch spam for research purposes. All I had to do was create a subdomain off of a domain I already had (I didn’t use any WOU resources for this) and set it up to point to the Project Honeypot servers, and then forget about it. They don’t even need access to my site or anything.

So anyway, I hadn’t thought about this in a while, but this morning they sent me a notification that they’d caught their one billionth spam message (which happened to be an IRS phishing scam, in case you’re curious.) They also included some statistics (Quoted from their email:)

  • Monday is the busiest day of the week for email spam, Saturday is the quietest
  • 12:00 (GMT) is the busiest hour of the day for spam, 23:00 (GMT) is the quietest
  • Malicious bots have increased at a compound annual growth rate (CAGR) of 378% since Project Honey Pot started
  • Over the last five years, you’d have been 9 times more likely to get a phishing message for Chase Bank than Bank of America, however Facebook is rapidly becoming the most phished organization online
  • Finland has some of the best computer security in the world, China some of the worst
  • It takes the average spammer 2 and a half weeks from when they first harvest your email address to when they send you your first spam message, but that’s twice as fast as they were five years ago
  • Every time your email address is harvested from a website, you can expect to receive more than 850 spam messages
  • Spammers take holidays too: spam volumes drop nearly 21% on Christmas Day and 32% on New Year’s Day

You can find lots more here.

So how does the Web really work, anyway?

I’m always fascinated to learn how things work, especially stuff we completely take for granted, like for instance how electricity gets from a power plant to your house. So in the hopes that there are others like me out there, I’m going to describe the inner workings of something most of us take for granted: the World-Wide Web.

Naturally this is going to take more than one post, since I’ll try to start from fairly non-technical concepts, and use analogies. Those of you who already know most of this may find the explanations not quite accurate, because I’ll leave out a lot of the nitpicky details, especially at first. I don’t have an outline in mind, so I can’t say exactly how this is going to go, but here’s a basic idea of what I’ll try to cover:

  • Internet 101
  • What is a protocol?
  • Before the Web was born
  • HTTP vs. HTML
  • Why are there different browsers?
  • What’s a URL and how do I read it?
  • What is actually happening when I click that link?
  • How does the page get to me?
  • What if there’s a problem?
  • How forms work
  • Secure connections (HTTPS)
  • E-commerce and shopping carts
  • Web video
  • More security concerns
  • What’s “Web 2.0”?

Hmmm, OK, just off the top of my head I came up with a lot more than I thought I would. And there’s a lot more where that came from! So we’ll see how far I get, and how many entries it takes.

Ubuntu Linux update

While I’m on the subject of system updates, here’s another I want to talk about: Ubuntu Linux, which is what I have on my Dell Mini 9 netbook. At the end of October Ubuntu officially upgraded from 9.04 to 9.10. (Or, according to their whimsical naming scheme, from “Jaunty Jackalope” to “Karmic Koala”. I wonder what will happen when they get to Q?)

Though I was warned against trusting the automatic update process from 9.04 to 9.10, it worked just fine for me. All my data, settings, and apps were still there. (I still backed up my data first, though. Only a fool doesn’t back up before a major change.)

While the improvements aren’t as dramatic as the Blackberry upgrade, there are some nice ones. Probably the biggest one from my point of view is that the faulty driver for the Mini-9’s graphics chipset has been fixed. It’s not as dramatic an improvement as I was hoping, but it does make video run more smoothly. Flash is still problematic, as it apparently is for all Linux flavors, but it’s a bit better than it was.

Firefox 3.5 is now part of the default system. There are a lot of other apps with new versions as well, like Open Office. The login screen is improved, with some language and accessibility options you can set before login. You can now turn off Bluetooth from the menu bar instead of having to open an app and type in the superuser password. File windows have a slightly more compact arrangement, a new icon set, and multi-tabbing capability. On new installations, the much more efficient Ext4 filesystem is used (but not on upgrades, so I didn’t get that.)

I’ve been using it for a week now, and I haven’t seen any problems. I’ll let you know if any show up.

Blackberry Storm system update, woo-hoo!

Back when the university cellphone policies were changed, I took advantage of it to get myself a Blackberry Storm. I was tempted to get an iPhone, but ultimately decided against it because of the hoops you have to jump through to install third-party apps. I got spoiled by my old Palm, which had a huge developer community and tons of great apps you could install without worrying about approval from Big Brother. I’ve given up on the Palm for other reasons, so the Blackberry platform seemed to be the best remaining choice.

I picked up the Storm because I wanted a nice big screen and I’ve never been a fan of the tiny physical keyboards and trackballs on the other Blackberry models; the Storm seemed like it would be the easiest conversion from the stylus-based operation of the Palm. The device seemed pretty cool from testing a co-worker’s newly arrived one. So I plunked down the money and ordered one…

When I actually got the thing, after the initial excitement, I was kind of disappointed. Sure, it was miles ahead of my old Palm in things like web browsing and file storage, but it was also laggy and required frequent reboots because of memory leaks. The on-screen keyboard was really slow, and the camera almost unusable due to a three-second delay between clicking the button and the actual picture being taken. And for me the biggest deal was the poor text editing capabilities; I was so used to being able to quickly jot stuff down on the Palm, easily update notes when I needed to, edit large text documents, work with a nearly full-size add-on keyboard, and so on. In this respect, the Blackberry Storm was nearly crippled. At least it was better than the iPhone, which at the time didn’t even have copy and paste!

Clearly, the Storm had been released before it was really ready.

Thus I joined the thousands of Blackberry fans eagerly waiting for an operating system update that would fix these problems. The company was working on one, and I saw various leaked versions and almost installed several of them, but ultimately decided to wait for the official release. When it came a few months ago, it helped, but not really enough. The phone was more usable, required fewer reboots, cut a second off the camera delay, and had slightly better text editing, but was still annoyingly laggy too much of the time.

By then I had my netbook, and just used that for all my documentation and editing needs when I was on the go. The Storm was pretty much just my phone and calendar, unlike my old Palm. I stopped monitoring the Web for more Storm updates, and resigned myself to the situation. After all, I was lucky to have as much as I did, right?

So then late last week I hooked up my Storm and out of the blue was told there was a system update ready. I went ahead and did it without paying much attention; I figured it was just a minor bugfix for some program, like I’d seen before. Much to my surprise, it was a full update to the brand spankin’ new Version Five OS. It’s a huge improvement! The camera now works almost instantly. The keyboard is much faster. Selecting text is no longer a trial-and-error process. The much-improved predictive text function saves a lot of keystrokes. There’s flick-scrolling to move quickly through long documents and lists. The new Files app makes it easy to navigate large document trees and preview your files. I’ll still have to practice a lot to get my text entry speed up to what I could do with the Palm stylus, but now the effort actually seems worth it.

So I’m actually happy with this phone now. Imagine that.

Adobe Flash security hole

This is sort of scary.

For those not familiar with security terminology, this article states that websites which allow uploading of Flash files are vulnerable to a security hole that lets bad guys run code that has all the security accesses of the webserver combined with those of the unsuspecting person who runs that file.

For instance, an attacker could send a specially coded Flash attachment to their victim in a gmail message. When the victim loads the attachment, it gets to do anything the gmail server could do with the victim’s account; reset the password, delete messages, send messages (spam!), etc.

The scariest part is that there’s not really a fix without significantly changing the way Flash works behind the scenes. In the meantime, you should avoid Flash that isn’t directly provided by the website you’re going to. For instance, the Flash slideshow on the WOU homepage is OK because we wrote it, but if you go to somebody’s personal website like “https://wou.edu/~joeblow” then you should be careful unless you personally know that Joe Blow isn’t the kind of person to play nasty tricks.

Actually that’s not really the best example, because even if Joe Blow has one of these malicious Flash files on his webspace on our server, it wouldn’t profit him much because there’s nothing much our webserver can do other than show you web pages. The WOUPortal and the Sun Java Email system are on separate servers, so they wouldn’t be vulnerable to Joe Blow’s attack. Of course, Joe Blow could send you a Flash attachment in an email, and if you open it in the Java email system, it could do nasty things to your email account.

This security hole isn’t easy to exploit, but it is theoretically possible. I recommend limiting the Flash files you run on the Web; there are browser extensions to help you do that. If you use Firefox, an extension called NoScript can block Flash files (and malicious JavaScript code as well) on all sites except those you designate as safe. If you use Internet Explorer, you can install Toggle Flash, a toolbar button that lets you turn Flash off and on whenever you want. Instructions for both are available in (ironically enough) a Flash video on the page I linked at the top of this entry. Don’t worry; Foreground Security is a reputable company, so the video is safe to watch.

Change in wou_ldap.vnum_to_uid

Fair warning: this entry will make little or no sense to you unless you work in UCS and do PL/SQL programming.

I’ve made a change to wou_util.wou_ldap.vnum_to_uid, specifically to the way it deals with V-numbers that are attached to multiple user accounts. Before, if you passed a usertype as the optional second parameter, and it couldn’t find a uid matching that type, it would still return a uid if it found one of another type that had the given V-number.

As of today, passing the second parameter will make the function behave more strictly; if a user account of the given type cannot be found, the function will return zero even if there is a user account of another type that has the given V-number.

In other words, passing a usertype to vnum_to_uid() means you want a matching uid only if it also matches the given usertype.

If you only pass a single parameter, the function will behave exactly as before; if multiple accounts are found, it will return the last one found. This is usually the most recently created account, but don’t rely on that always being true.

Oh, and one other note: there is a new usertype, “Alumnus”. All LDAP accounts of people who have graduated from WOU have this type. It is possible for someone to have both Student and Alumnus, for example if they graduated and then returned for a Masters program.
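
The behaviour change described in this entry, modelled in Python as an added example; this is not the PL/SQL source of wou_ldap.vnum_to_uid. The account list, the integer uids, the choice of the last match within a type, and the zero return for an unknown V-number are assumptions made for illustration.

```python
# Constructed sample directory: (V-number, uid, usertype), in the order found.
# Values are made up for this example; real uids and V-numbers will differ.
ACCOUNTS = [
    ("V00000001", 1001, "Student"),   # graduated, then returned for a Masters
    ("V00000001", 1002, "Alumnus"),
    ("V00000002", 2001, "Alumnus"),   # only an Alumnus account exists
]


def _accounts_for(vnum):
    """All (uid, usertype) pairs attached to a V-number, in the order found."""
    return [(uid, utype) for v, uid, utype in ACCOUNTS if v == vnum]


def vnum_to_uid_old(vnum, usertype=None):
    """Model of the behaviour before the change: lenient fallback."""
    found = _accounts_for(vnum)
    if not found:
        return 0                      # assumed: nothing at all for this V-number
    if usertype is not None:
        typed = [uid for uid, utype in found if utype == usertype]
        if typed:
            return typed[-1]
        # No account of the requested type: fall through and return
        # an account of another type anyway (the old, lenient behaviour).
    return found[-1][0]               # last one found


def vnum_to_uid_new(vnum, usertype=None):
    """Model of the behaviour after the change: strict when a type is passed."""
    found = _accounts_for(vnum)
    if usertype is not None:
        found = [(uid, utype) for uid, utype in found if utype == usertype]
    return found[-1][0] if found else 0


if __name__ == "__main__":
    for vnum, utype in [("V00000001", None), ("V00000001", "Student"),
                        ("V00000002", "Student")]:
        print(vnum, utype, "old:", vnum_to_uid_old(vnum, utype),
              "new:", vnum_to_uid_new(vnum, utype))
```

Callers that passed a usertype and relied on always getting some uid back now need to handle the zero return.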

Air Conditioning FAIL

On Saturday all three air conditioning units in the server room shut down, and the place rapidly turned into an oven. Our servers put out a lot of heat, and have to be kept cool to prevent Bad Things from happening… and so when the air handlers stopped, Bad Things started to happen.

Luckily, only a couple of servers had actual hardware damage, and those didn’t have anything critical on them. Several more servers shut down ungracefully or started behaving erratically. Luckily our two biggest servers, cougar and sundown, never actually crashed, but since our main network infrastructure server did, nobody could get to cougar or sundown.

Since I live so close to campus, I got called in, but it was Paul Lambert and Dave Diemer who did most of the heavy lifting. Once the major problems were cleared away, then I could do my thing. Dave was still working on three servers until the next morning, and I was up until really late babysitting the webserver, which seemed to go catatonic every few minutes for no apparent reason. We’ll still be cleaning this up for a while.

Continuing the mini theme

My new keyboard got here yesterday and I installed it without much trouble. This mini is far easier to upgrade than any laptop I’ve ever worked with — just unscrew two screws, lift the keyboard, pop a couple of little latches and unplug the cable and the old one’s out, then reverse the process and the new one’s in. The ribbon cable was a little hard to get lined up right, but I got it after a few tries.

The new keyboard is much, much better than the old one. The keys are offset like a standard keyboard, and the punctuation keys are in their normal places rather than shoehorned into odd corners or converted into function-key combinations. My typing speed is way up, even though the keys are slightly narrower. Here are pictures of the old and new keyboards together that someone posted to a forum; the topic includes instructions on how to get and install the keyboard.

I’ve also been delving more into Linux. Like I said a few posts ago, it’s a lot easier than it was in the past — however, all the geeky stuff is still there under the hood, ready to be poked and prodded and reconfigured. More on that later.