Archive for the 'Today’s Nerd' Category

13
Nov
10

LoseThos: When God Tells You To Build An OS, You Build An OS

For nerds only: A pretty fascinating software project called LoseThos is the seven-year full-time effort of a gentleman who

– decided that the world needed an entire operating system geared toward recreational programming

– built the OS, toolkit, just-in-time compilation, integrated data types and other rare features while leaving behind virtual memory, paging and networking

– claims to have been guided in building this OS by a man in the sky

– may well have been driven mad by guilt at the unpardonable sin of working for irredeemable, scumbag-owned, customer-gouging operation Ticketmaster in the 1990s

– according to Reddit posters, has been banned from various online fora due to excessive prostelyzation (of both the sky-man and OS design varieties)

– has somehow managed to make a text-based command-line user interface more dancey and distracting than a GUI

– during narration of his demo videos, uses a voice that falls somewhere between Jesse Ventura’s and Fozzie Bear’s

– uses his OS to make Aspergerian 8-bit-esque music that is somehow related to weird, blunt, epigrammatic lyrics that reference the sky-guy and himself in seemingly equal measure.  Oh wait, he doesn’t make that music.  God does.

– has provided nearly a morning’s worth of enjoyment and wonder.  Is his pioneering work boldly rewriting the assumptions of a computing world transformed by solid state storage, or is it the fevered labor of  a monomaniac whose notions of “can engineer” and “should engineer” are hopelessly intertwined? Either way, thanks, Mr. LoseThos.

13
Sep
09

Public Service Through Servers: Government 2.0 Summit

Glenn Beck's 9/12 Project
Image by MeetTheCrazies via Flickr

This weekend, two crowds flocked to the nation’s capital, both with government on their minds.  One group was marked by ludicrous notions of persecution scrawled upon misspelled signs, inchoate anger and a raft of complaints culled from Fox News and AM hate radio.   The second group was composed of people whose careers depend upon being able to spell, discern, engineer and generally make sense of a world filled with people who noisily belong to the other group.  The second group were the new technocrats and they came to speak and hear about the newest applications of technology to the dirty, ugly, frustrating job of Government. Away from the screaming,  Government 2.0 Summit had convened.

Boiled down, Government 2.0’s central argument is over the notion of government conceived as a platform, a visualization that takes the organizing principles of operating systems supporting applications and in brief, applies them to civics. The view propounded by O’Reilly himself, is being challenged by some, and the arguments are fascinating.

Government is a heartbreaking mess that invites comparisons to privately developed systems such as computing platforms mainly due to the commonly large numbers of people and institutions that both serve.  And that is where serious parallels should end; civic, social and technical engineering techniques each can be oriented toward naked campaigns of domination and centralization to the direct detriment of the public interest.  This is generally how business interests apply the technocratic mindset.  While it may be that government might learn technocratic chops from that dominant camp, it will never (as a separate institution charged with public interest) acquire the same goals nor therefore commit a fraction of the crime.  This is exactly why the operational and philosophical synthesis of government and business must be resisted as aggressively as possible; I look forward to more research into the overlap of the two, starting with watching what happened at the conference where the nerds of each camp congregated among the crazies.

Reblog this post [with Zemanta]
13
Jul
09

HP Photosmart 1115 Driver + OSX 10.5.7 = Bummer

imgPhotoSmart 11151Hello, Googler.

I know why you’re here.  You tried to print from OSX 10.5.7 to your old HP Photosmart 1115 inkjet printer, didn’t you?

And what did you get for your trouble?  You found and installed the driver (e.g. “P1115”), you fired off a print job and the printer just sat there looking at you, didn’t it?

Well sure it did.  If it had worked, you wouldn’t be Googling around for a fix and you wouldn’t have found this blog post.

Brother / sister, I have your solution — and it’s not what you’d expect.  I stumbled across a magic bullet for this problem and now I will share it with you right here on teh intertubes.

This is what you do:

Send all the documents you want to print into the print queue, just select print as normal. The printer won’t move, but the jobs will go to the print queue.  If you open up OSX “Print & Fax” and select “View Queue” you’ll see them in there, trapped like kittens in a sewer.

Now make sure you know your user password.  Know it?  Good.

Now log out. Don’t turn the printer off, don’t touch anything, just log out of your Mac.  Use the Apple drop-down in the far upper left hand corner of the screen.

Usually when you log out of a machine, it’s the end of your session and time to focus on something else.  But not this time.  Oh, no.

Whirrr, whizz, g-zoo, g-zoo, g-zoo says the HP Photosmart 1115 once you log out – and every job in the queue gets printed!  You can even log back in before the jobs are done – which is handy since the 1115 seems to take five minutes per sheet.  In any case, you’ll need your user password to log back in, which is why I mentioned it.

Bizarre, I know.  But it works.

You’re welcome, Googler.

07
Jul
09

Three-Day Long DDOS Attack From North Korea?

Diagram of a Stachledraht DDos Attack
Image via Wikipedia

Is North Korea pwning teh intertubes?

According to Associated Press reports here and here, both US Federal websites and South Korean governmental websites are undergoing constant denial of service attacks, which has effectively removed these sites from the Internet.   Affected are the websites for the US Treasury Dept, Federal Trade Commission and Transportation Department.

Further, South Korea reports the presidential Blue House, the Defense Ministry, the National Assembly, Shinhan Bank, Korea Exchange Bank and top Internet portal Naver have undergone DOS attacks for the same period.

The attacks have been sustained over three days, which is unusual for this kind of internet attack. Network World reports the list of IP addresses sending out bogus traffic numbers 50,000 and according to a quoted security expert is using 10-20 GB of bandwidth per second, or ten times greater an amount than the average DDOS attack.

Although there is no evidence at this time of the attack’s source, the seemingly simultaneous targeting of US and South Korean sites brings to mind the common political enemy of both countries, North Korea.  Even though Internet infrastructure in that country is poor, mounting a DDOS attack using a botnet does not use local bandwidth and doesn’t need widespread local infrastructure.

In a denial-of-service (DOS) attack, a website is targeted with millions of false requests for web pages until the targeted website can no longer respond to legitimate requests for pages, effectively removing that website from service.   A plain DOS attack has a single vector – that is, the fake traffic comes from a single or small range of IP addresses, and as such can be stopped by the targeted web site’s owner blocking all requests that come from the offending IP addresses.

But the three-day length of the attacks strongly suggests that the attacks are in fact distributed DOS (DDOS) attacks, from which there is no effective defense. Under a DDOS attack, the false traffic requests come from hundreds or thousands of machines located physically all over the world.  Due to the high number of machines that are the source of the false requests, blocking all the IP addresses to stem the flow of bogus traffic becomes nearly impossible.

Often, these machines comprise a botnet, a name given to an ad hoc network of machines – personal, work, school – that have had their own security compromised,  and who follow instructions from the party that compromised the security in the first place.

Large botnets capable of sustained DDOS attacks have been a reality since ever since huge numbers of consumer operating system machines around the world such as those running Microsoft Windows have been left attached to the Internet full-time on DSL or cable modem.  An attacker can compromise the security of such a machine and leave upon it a “bot” process, which is software that quietly and invisibly waits for instructions from the controller of the botnet.

Botnets have been sold on the black market, used in DDOS attacks, used to spread worms and viruses and remain a real feature of the Internet that leverages consumer ignorance and the Internet technical architecture into a potentially devastating weapon that threatens whatever sites it wants whenever it wants.

UPDATE 1

A post at Comodo.com identifies a targeted host list as well as the Windows malware that is used in the botnet attack: Additionally, the poster says the IP addresses that the attacks are coming from are located inside China.

DDOS attack files.

filename: msiexec2.exe
size:33,841 bytes
When msiexec2.exe being excuted, it creates ‘uregvs.nis’ file.
There are many target addresses inside of msiexec2.exe code.

Following files attack those web sites.

filename:perfvwr.dll
size: 65,536 bytes

filename: wmiconf.dll
size: 67,072 bytes

some evidences about this attack.

1. attacker’s IPs came from China.
2. Using Botnet.
3. Using Zombie PC.
4. spreaded by internet.
5. it changes it’s code automatically.
6. addresses can be changed by attackers.

It has following Target Addresses.
Following addresses are related with South Korea gov and USA gov.
The attacker’s IPs came from China.

[Target addresses]
Some of websites still can’t be connected or slow.

<Korea>
banking.nonghyup.com – bank
blog.naver.com -portal
ebank.keb.co.kr – bank
ezbank.shinhan.com  -bank
mail.naver.com  -mail service
www.assembly.go.kr -gov
www.auction.co.kr
www.chosun.com -journal
www.hannara.or.kr -a political party
www.mnd.go.kr -gov
www.mofat.go.kr -gov
www.president.go.kr -gov
www.usfk.mil -US military website in korea

<USA>
finance.yahoo.com -portal
travel.state.gov -gov
www.amazon.com
www.dhs.gov -gov
www.dot.gov -gov
www.faa.gov -gov
www.ftc.gov -gov
www.nasdaq.com -stocks
www.nsa.gov -gov
www.nyse.com -gov
www.state.gov -gov
www.usbank.com -bank
www.usps.gov -US postal service
www.ustreas.gov -gov
www.voa.gov -voice of america
www.voanews.com
www.whitehouse.gov -gov
www.yahoo.com -portal
www.washingtonpost.com -journal
www.usauctionslive.com
www.defenselink.mil -military
www.marketwatch.com -stocks
www.site-by-site.com

Reblog this post [with Zemanta]
15
Jun
09

Proxies and DDoS Attacks: Internet 2, Ayatollahs 0

Monitoring the Twitter tags #iranelection and #iranproxy shows some pretty historic interplay between the unrest on the ground in Iran and the modern social media fabric.  Iran can’t shut off the internet in the country, as too much of its economy is dependent upon it. So the clerics who rule Iran and to whom the President answers, have blocked sites such as Twitter in order to attempt to prevent messaging from getting out while the police and army attempt to brutally put down the insurrection.

The blocking is not working.

1) Proxies:  The blockages are implemented as a list of IP addresses that the government makes unreachable from inside Iran.  But techs around the world are offering up proxy servers as relays for Iranians to use, and new ones are showing up on Twitter at the rate of one every three to five minutes.  A proxy is a relay that the clerics don’t know about that Iranians can use to get to sites that have been blocked by the ayatollahs.  The clerics’ tech crew may run around blocking these relays by adding them to the country-wide ban, but they probably can’t keep up with this many addresses at this rate of introduction.  Twittering has therefore NOT been cancelled in Iran, despite what the clerics have attempted.

2) DDoS Attacks:

RT @brookenchain ATTACK LINK TO IRIB: http://tinyurl.com/nyutjc open and keep it refreshing till looks unreachable pleasTHANX! #iranelection

Not only has outound contact been maintained, but the election “winner” Mahmoud Amahdinajad’s own websites have been blown off the web by twitterers.  Tweets such as the above are distributed denial-of-service attacks upon Irib, an official website of Amahdinajad.  The link leads to a auto-refresher that’s ponited at the targeted website, and refreshes itself once a second.  Send this link out to a zillion twitterers, and bye-bye target under a flood of bogus traffic.  There is no defense against this since the attack comes from all over the net.  And tweets against this and other official Amahdinajad sites have been coming many per minute.

At this time, unrest is reported (mainly on Twitter — no, don’t wake up from your nap, CNN) all across Iranian cities and the situation is touch and go.

12
Jun
09

Land The Tech Job You Love

Hey! I know that guy!

Hey! I know that guy!

Programmers! Project managers! Are you in the career doldrums?  Did you take your last job (or last three jobs) for the wrong reasons?  Have you not exactly taken advantage of the seller’s market in technology employment?  Do you have trouble discerning between brown-nosing and getting raises and promotions? Have you ever used an orange diskette?

If you need a better tech job, you may need to free your mind so your ass can follow. You don’t need recruiters.  You don’t need to move to San Jose. What you need is my pal Andy Lester’s new book Land The Tech Job You Love.*  Out today from Pragmatic Bookshelf.

The great thing is, in his illustrious twenty years writing software and being a leading light in the Perl language and open-source community, Andy’s made plenty of mistakes. Not software errors, but worse: career errors.  And just as with every error that crosses his path, he figured out exactly what went wrong, when and why.  Which means that when he writes a book about career management in technology,  he can probably save you some grief. Outside of leveling a crooked Christmas tree stand, what more could you ask of a book?

To hear Andy get all up into this, check out the Pragmatic podcast for the book.

* And balls. You’ll need balls.  Balls not included.

08
Jun
09

Invent Something Before Breakfast: Egovore

The arrangement view in Ableton Live 6.

For some reason, I woke up today thinking about digital audio workstations (DAWs) and how these exceptional programs nonetheless have basic similarities to any other software running on a system. A DAW, used well, simultaneously inscribes output and collaborates with the operator on the form of that output. Only the operator knows how much a musical piece or moment owes to inscription or to collaboration. This fact of life made me think about the submerged, “mundane” part of the DAW running a sequence. It chugs away under the hood, grabbing x disk resources, allocating y RAM, balancing z threads. These real-time values are resultant of the music in a real sense: could they not be themselves incorporated into the music, be presented as input for musical processing, which would change the underlying values slightly, which would alter the input, which would change the underlying values slightly, which would….ad infinitum.

So I sketched out a design and gave it a name. Egovore is an AU audio software plug-in design.  It runs as a AU plugin under a host DAW (Ableton Live, Reaper, Audiomulch) or under another plugin.

While executing a sequence, Egovore reads the host DAW’s own process space variables, including, optionally its own, and incorporates that data as input.  Egovore’s job is to process that data in realtime, musically, and output it as a musical element.

In this manner, a dynamic, self-referential, self-reflexive source of data concerning the music itself, as represented in the host machine’s process tables is incorporated into the audible portion of the music.

Example:  the running process’s statistical samples (ram usage, ticks, disk usage, process ID, address space ranges, number of threads, userid, load averages, swap, sharedlibs)

Example data flow:

main sequence---------------------------------------------------->output
       |                                ^    ^
       |                                |    |
       egovore(main())                  |    |
       |                                |    |
       |                                |    |
       pid                              |    |
       ram                              |    |
       threads                          |    |
       ...                              |    |
       |                                |    |
       |                                |    |
       -----------> midi ---> synth --->|    |
       |                                     |
       |                                     |
       ----------->SpeechSynth--->chopper--->|

In the above, Egovore loops n times, calling top(), reads the line corresponding to the host application as well as the data summary.  The columnar data are read into an input buffer.  Egovore operates on that data, looping through changes as time proceeds, and produces source data for input to processes such as a MIDI synth, or the system’s Speech Synth.  User-controllable parameters such as “Sensitivity” “Random Seed” “Random Amplification” “Scale” serve to tie the output to the musical milieu of the calling sequence as well as goose a range of results out of the processing.

Egovore’s output is both MIDI and audio.  The operator/programmer of the host DAW obviously controls Egovore’s mix position and routing posture.

Of course, the name Egovore comes from the fact that the design uses the “self” of the music as represented by the operating system as input.  In a conceptual sense, the music is consuming itself, hence Egovore.  Plus, it’s a near-Googlewhackblatt right now, showing only 200-odd results.

Surely there’s a DSP programming student out there looking for a cool plugin idea to bang on.  If that’s you, have at it.

Reblog this post [with Zemanta]



Categories

Email

rob [at] warmowski [dot] com

@warmowski on twitter

Rob’s Bands

Rob Warmowski entry at Chicago Punk Database
1984-89: Defoliants
1991-94: Buzzmuscle
2001-05: San Andreas Fault
2008- : Sirs
2008- : Allende

Rob at Huffington Post

May 2019
M T W T F S S
« Mar    
 12345
6789101112
13141516171819
20212223242526
2728293031