Team Member Blog
The BarCampMadison2 planning meeting was held yesterday. We had a good crowd of 14 people there. This was split between Madison and Milwaukee residents. We had a great discussion about what we need to do to get the BarCamp together and I think that we all did a great job. The notes from the meeting are available on the main BarCamp website at http://barcamp.org/BarcampMadison2. The main BarCampMadison2 website should be up soon. I’ll post the link when that happens.
The BarCamp has a tentative date of April 19 and 20. We have many things to get done before then and more help is always appreciated. If you’d like to help out, be sure to sign up to the BarCampMadison Google Group at http://groups.google.com/group/barcampmadison. Holding with BarCamp philosophy, planning of the BarCamp is an open and community-driven task. Everything will be discussed and will be on the website. If you have suggestions or would like to pitch in and get something done, just let us know.
Filed in: Team Member Blog planning, barcampmadison2, 2008, barcamp
Eclipse 3.3 doesn’t come with plugins to support the svn+ssh protocol right out of the box.
An easy way to install new plugins for Eclipse: Help / Software Updates / Find and Install… / Search for new features to install / New Remote Site… and enter an update site URL.
1) Install the Subclipse plugin with http://subclipse.tigris.org/update_1.2.x
When using Subclipse with the JavaHL libraries (these use JNI) I would consistently get a “malformed network data” exception every time I committed to the repository. While the files seem to have been committed, they produced conflicts on the next synchronize. To fix this, I installed SVNKit.
2) Install SVNKit with http://svnkit.com/
SVNKit is a pure Java Subversion client library. Open the Eclipse preferences, and change the SVN interface SVNKit as I have below.
From here, you’ll be able to open the Subclipse perspective and define a repository that uses svn+ssh, and successfully perform any command.
SVNKit will also work with the Subversive plugin.
For more information on these plugins visit:
http://www.svnkit.com/
http://subclipse.tigris.org/
http://www.polarion.org/index.php?page=download&project=subversive
Filed in: Team Member Blog
I have put together an article about my experiences at BarCampMilwaukee2. I wrote it because I wanted to be able to point people to something that can describe what a BarCamp is like. It’s one thing to give out the description of “unconference, no preset schedule, etc.”, but it’s another thing to actually be at the BarCamp participating. I really enjoyed BarCampMilwaukee2 as I have previously posted and I’m getting excited about the possibilities ahead of us for BarCampMadison2.
The article can be found at http://tech.fradkin.com/articles/barcampmilwaukee2.html.
I’ve also created a handy RSS feed for tech.fradkin.com that can be pulled into your favorite feed reader: http://tech.fradkin.com/rssfeed.xml. Updates tend to be infrequent, but at least you would be notified that I’ve updated something.
Filed in: Team Member Blog barcampmilwaukee2, article, whatisbarcamp?
I’ve been a user of OpenOffice.Org pretty much since OOO first came out. Even when I was still occasionally using Windows, I was looking for alternatives to using Microsoft products. OpenOffice, to me, offered that alternative. It provided me with the basic functionality that I needed from a word processor, spreadsheet program, and presentation creator. I’m not a power user of the basic office products, so the lack of features that Microsoft Office provides has never been an issue for me.
Fast forward to a couple of days ago. I’ve been working on some articles that I’ve finally decided are good enough to publish to the interweb. I typically write them in OOO. I was looking into an easy way to convert them into HTML and noticed that OOO contains a feature to export a document in XHTML format. I thought that this feature could be pretty handy so I tried to use it. Bzzt! Try again. How foolish was I to attempt such a thing without first telling OOO what Java VM to use. Ouch! OOO depends upon Java for some of its functionality. So I went to the settings to tell it what VM to use. Surprisingly, after I navigated to my /opt directory, it figured out that I had 3 different JVMs installed: 1.4, 1.5, and 1.6. I figured that I might as well use the most recent one I’ve got, so I pointed it to 1.6. OOO gave me a message box that indicated that I’d need to shut down OOO and restart it in order for the setting to take effect. OK. No problem.
It shut down fine, but when I attempted to run it again I got a whole lot of nothing. Nothing? What? It just wouldn’t run. No error messages of any kind. That seemed a bit odd. So, I embarked on a journey to try and figure out how to unset the JVM setting. All I could find was a file that was autogenerated each time OOO was started. So, I asked Gentoo to uninstall OOO. Then I made sure that any OOO related directory was removed. Then I re-installed OOO. I typed in “oowriter” at a command prompt and was greeted with nothing but another prompt. No error, no messages, no OOO starting up. After another fruitless hour of searching and trying everything I could think of, I just gave up. This was going to cause a serious issue. I have Windows installed in a VMWare virtual machine if I absolutely have to use Windows, but I’d rather not deal with it.
I went with Plan B. Plan B was to let my computer spend the time to compile OOO from scratch. Fortunately, I was a bit smarter with my disk partitions on my laptop and actually put enough space in the /tmp partition to be able to perform large compilations. OOO notoriously uses up about 4GB of disk space and on my Core Duo 2 machine took about 3.5 hours to compile. I crossed my fingers and typed “oowriter” into a prompt after it finally finished compiling. Much to my surprise, OOO started right up! Back in business! But, I’ve learned my lesson. I won’t be telling OOO where my JVMs are. I can live without this hassle.
Filed in: Team Member Blog java, linux, openoffice
The first official get together to start organizing BarCampMadison2 is coming up. If you’ve never been to a BarCamp before and are interested to see what this is all about, or you missed the last one and want to get involved with this one, stop by to meet a great group of people. Remember, BarCamps are organized by the participants for the participants. Below is the text of the invite that was sent out. See you at the meeting!
————————-
It’s time to get the ball rolling for BarCampMadison2, so let’s get together for coffee and do some planning (after the holiday of course):
January 5th
2 pm (to 4pm)
Escape Java Joint
916 Williamson Street
http://www.escapejavajoint.com
Agenda
- Introductions
- Communication methods (barcamp site, googlegroup, email list, meetings, etc)
- What needs to be done? Who wants to do it?
- Read http://www.cleverclevergirl.com/?p=10
- Sponsor wrangler
- Food Czar
- T-shirt Master
- Wi-fi Guru
Filed in: Team Member Blog planning, barcampmadison2
The Handbook of Applied Cryptography is now available online at http://www.cacr.math.uwaterloo.ca/hac/index.html. This book is officially Bruce Schneier approved. If you’re interested in cryptography you should check it out.
Filed in: Team Member Blog cryptography, bruce schneier approved, book
I found an interesting article from Slashdot about using Google as a password cracker (http://www.lightbluetouchpaper.org/2007/11/16/google-as-a-password-cracker/). Ask Google to search for a hashed password, and if it’s common enough to be included in one of the many indexed documents that contain password/hash pairs, you’ll know that password. The comments to the article are just as interesting. A discussion of securely storing passwords runs through them.
The general points to consider when creating passwords are:
- Longer passwords are better
- Passwords that aren’t real words are better
However, since most people have a really hard time with passwords like that, they need to be stored securely.
- Use a salt
- Create the salt in a cryptographically secure fashion with a reputable library
- Make sure the salt is lengthy
- Use a different salt for each user
Short passwords are notoriously easy to crack if they’re hashed with MD5. There are numerous utilities available to brute force crack MD5 hashed passwords. There are even some interesting dictionary methods to crack MD5 hashes, as well as rainbow tables (overview here: http://en.wikipedia.org/wiki/Rainbow_tables).
I guess the moral to the story is that one shouldn’t assume that their password is infallible. If you are using word-based passwords they will probably be cracked at some point. When creating a system that needs to store passwords for user login either use an off the shelf utility that will encrypt or hash the passwords securely or do your homework so that the site doesn’t get owned. Don’t ignore warnings about MD5. Use SHA-1 or SHA-256 instead.
Remembering all those strong passwords is an entirely different issue…
Filed in: Team Member Blog cracking, cryptography, md5, passwords, sha-256, sha-1
One of my goals when checking out a programming language that is new to me is to find some kind of use for it other than what I’ve read in a book. While Ruby seems to have found a niche with the Rails web framework, I was also interested in other uses for it. Believe it or not, I’ve never really learned Perl, and I’m not the greatest with shell scripts, so it’s nice to have learned enough Ruby to perform some helpful tasks.
Ruby is an interesting language. You can use it as an Object Oriented language, or you can use it more like a functional programming language. What’s really nice is that because it’s currently an interpreted language and not compiled, you can use it as a general purpose scripting language.
I’ve created a really simple script that runs as a cron job to run the ‘emerge’ program, compile the results, and email them to me. Quite helpful. The concept can be used to gather results from running anything that has output. The script is below. Even though you specify from and to addresses in the Ruby send_message() call, I found that at least with my internet provider I still needed to specify Subject, From, To, and User-Agent mail headers otherwise the mail got bounced.
require 'net/smtp'
result = `emerge -upDv world`
msg = "Subject: Packages to Emerge\r\n"
msg += "From: FromName <from@name.com>\r\n"
msg += "To: ToName<to@name.com>\r\n"
msg += "User-Agent: Ruby Mailer\r\n"
msg += result
msg += "\r\n"
Net::SMTP.start('mail.name.com') do |smtp|
smtp.send_message(msg, 'from@name.com', ['to@name.com'])
end
Filed in: Team Member Blog ruby, handy, script
