Wednesday, November 03, 2010

misprint of the [specify timeperiod]


How apt:

employment rose causing misery for many.
From this, also worth a read.
Have an award.


Wednesday, October 20, 2010

Note to self, how to get row numbers in a MySQL SELECT


I've often wondered, idly, how to get MySQL to output a row number column, which would rank sorted and grouped results.
Well thanks to this excellent post I've found out how:

SELECT *, @rownum:=@rownum+1 as rank FROM ( 
-- Your Query Goes in Here
        SELECT t.*
        FROM table t
        WHERE something
        group by 2,3,4
        order by 1 desc limit 20
    ) day_rank, (SELECT @rownum:=0) r;


Thursday, September 23, 2010

Note to self, how to install apc


Want to install apc on CENTOS or RHEL?
REad this: http://www.agileapproach.com/blog-entry/howto-install-pecl-apc-cache-centos-without-xampp


Tuesday, September 21, 2010

Note to self, want stats on nfs usage, try this


I thought I'd put this in as well, since I had to google for it, using -n will make iostat provide you with stats for nfs shares too.

iostat -nh 5
You can also use nfsstat

nfsstat -cvn -o nfs


Friday, September 17, 2010

e = internet (a logo for IE9)


I found this fascinating blog post on MSDN's IEBlog about the logo for IE9, thanks to Sam Ruby's wonderful Planet Intertwingly.
You should read it too.


CAPTCHA for CASH - The end is nigh for the CAPTCHA


I  thought you may like to know (unless I'm the last one to cotton on!) that a scenario we've theorised about on the ASRG mailing list for years is finally here, there's now at least one commercial service that will translate CAPTCHA's for cash.

I found the link (shown below) to a service that will decode captcha's for you for $2 per 1000 successes. (Ironically it was in an ad served to me by gmail.)

So to anyone who ever proposed a spam "solution" that relied on differentiating between people and machines, and doubted us when we told them that the commercial imperative would be its downfall, read this: 

We told you so, and it only costs two bucks for a thousand!
I predict much more of this in time, with costs falling as more competition enters the market, and I honestly think it presages the end of the useful life of the captcha.

That link: http://www.decaptcher.com/client/

-- correction: Kevin H. politely pointed out, in a comment, that I hadn't read it properly
That isn't $2 per success - it's $2 per 1000 successes. Minimum purchase is $10 = 5,000 spam, er, advertising opportunities
Thanks Kevin, I've updated the post to reflect this.

-- updates:  According to ASRG folks

a) This site has been known about since Oct, '09, so yes I am last to the party as ever!

b) Chris Lewis kindly point this out:
... found sweatshops in India quoting some small number of rupees per thousand, claiming to be able to supply up to 250,000 per day.  At _least_ three years ago.
...
Incidentally, some of the spam filter companies, as part of their technology for trying to figure out whether the jpeg is naughty or not, _claim_ they can solve >90% of all captchas on the fly.
c) More intriguingly Steve Atkins said:
There's even a neural net implemented in javascript as a greasemonkey plugin that'll solve some simple captchas in the browser.
 I had a Googlearound and found this, that may interest you http://ejohn.org/blog/ocr-and-neural-nets-in-javascript/

I found that particularly fascinating, because last year Nikki was telling me all about cognitive psychology and various theories of word and character recognition in humans. I still have all that to look forward to, in my OU degree, but I'm beginning to get an idea of the kind of things I could do for my project if I ever get that far!


Wednesday, September 01, 2010

note to self, how to change the definer of a mysql stored procedure


This is a useful one if, like us, you find that the account used to create the procedure doesn't have the privileges required to execute it, or perhaps you've revoked the original definers grant. (DoH!)

ALTER PROCEDURE procedure_name SQL SECURITY DEFINER;javascript:void(0)


Facebook, you make me want to cry!


It seems that the way in which facebook chooses an image to show alongside a posted link differs for links posted in different ways.

Oh how fucking hilarious. Not.

On our product page if you "attach" the link, or share it using facebook sharer (http://www.facebook.com/sharer.php) it picks the big product image as the first image in the list for you to choose from. This is a Good Thing, and exactly what we want to achieve.

However if you click the like button, its picking up a random image from sets of smaller images elsewhere on the page.


e.g. Share this dress' page through the sharer, or by "attaching" and you see this image:


but if you use the like button it shows us this image,



which is for this dress.

Arrgghh that's annoying. Get a damn grip facebook, at the very least you could try to be consistent. Read about the principle of least surprise.


Tuesday, August 31, 2010

Oh Dear poor facebook!


Facebook appears to be unavailable for many users, our office included.

This looks like a DNS issue, looking up www.facebook.com reveals no answer, but facebook.com does resolve.

So I added this to my hosts file[1], its one of the addresses for facebook.com, and it all came rumbling back.
(update, I've updated the line to include the login hostname)

69.63.181.11 www.facebook.com login.facebook.com

Facebook.. if you're listening, fix your DNS, and you owe me!

[1] Windows users, use notepad, you'll find that file here:
C:\windows\system32\drivers\etc\hosts
Just copy'n'paste the line at the end


note to self, how to use your favourite editor for the crontab without changing it permanently


I like to use nano to edit the crontab, but I don't want to change the default editor.
(Some people are very un-funny about that kind of thing!)

This is the one-liner to use nano, and I seldom remember it.

env EDITOR=nano crontab -e


Wednesday, August 25, 2010

note to self, how to make a mysql instance read-only


Another piece of DBA hoodoo that I seldom need!

SELECT @@global.read_only;
SET GLOBAL read_only=1;
SELECT @@global.read_only;


note to self, how to skip a mysql replication error


Another one that I have to google every time.
Not being a DBA I don't do this very often, but now and again I find myself in the Hot Seat.

SET GLOBAL SQL_SLAVE_SKIP_COUNTER=1;
START SLAVE;
SHOW SLAVE STATUS;


Wednesday, August 18, 2010

note to self, how to convert pfx to pem without passphrase


I do this so infrequently that I always have to google it.
Now I can search my own blog!
openssl pkcs12 -in mycert.pfx -out certificate.cer -nodes


Friday, August 06, 2010

I've been Scammed! (not really... but he tried his best)


Be safe.. the following describes an attempt to scam me into giving someone remote access to my PC, I was in a playful mood so I strung him along, don't you do that same thing unless you *know* what you're doing. And above all never let anyone remotely access your pc unless you're 100% sure that you ant them to.

I just got a call from a company calling themselves "virtual pc doctor".
He said that I was being called because I was a microsoft registered user.

The guy got me to log into my pc.

Then we clicked the start button and he got me to tell him if it said "computer" or "my computer".

Then we looked at the event viewer, he told me that the errors and warnings were some kind of dire "online infections" that can't be detected by anti-virus.

Woo, scary techno-shit, I thought (not!)

Then he asked me to open www.logmein123.com.

I didn't. I googled it instead.

He told me that a technician would log in, and cure these infections and install a "gateway" which would prevent further infections.

At this point I challenged him about the "online infections" and told him that I didn't think "dhcp client cannot obtain address" was very serious at all.

He said that if I thought that then that was my choice, but my computer could be irreperable damaged.

"oh!" I said, "how?"

"by corrupting the harddrive and the operating system" said he,

"OH!" I said, "Thats, bad. But what kind of software is capable of damanging the hardware? I can just re-install windows can't I?"

"No, because this is new, in the past few weeks, thats why we are giving you the call"

So I asked him where his company was located, and when he said the UK I asked him for registration details.

He Rang Off.

I reported the scam to trading standards.

If he calls you, hang up and report it yourself. Be safe!


Monday, July 05, 2010

FIFA win the Queen Victoria memorial reactionary fuddy-duddy-ism award


In the spirit of the World Cup I'm going to veer off into football for this award, possibly for the only time ever.

I'm not a football fan, I prefer to follow "another code" (rugby union for those who don't speak in riddles) and I've been amazed and appalled at the number of times in this world cup, that the ref has appeared to have his hands tied and his eyes poked out by the victorian attitude to refereeing as expressed by FIFA.

International Rugby has sucessfuly benefited from video replays and from penalty-tries, and indeed from a clock that counts the seconds of play, cleverly pausing for injury or other "time out". None of these things interrupt the flow of the game. None of them compromise his authority.

The introduction of goal line "technology" however, would. That would delegate the decison to a machine.

In both codes the ref's decision is absolute and final, as it should be, and he has the option to exercise his opinion and experience at every stage of the game.

But by FIFA denying ref's access to the *option* to consult a video ref (or tv match official) or the *option* to award a goal for goal line offences we are saying that we do not trust their judgement. If FIFA do not trust the judgement of their referees what does that say for the game? Not to mention the appaling messages the handing of these incidents sends to our kids.

Decisions forced on ref's in this world cup undermine sportsmanship, and for that reason, FIFA, you get the Queen Victoria memorial award for reactionary fuddy-duddy-ism.


Saturday, May 15, 2010

There's more to running a railroad than just laying down tracks, you know (nine reasons that diaspora will struggle)


I have to say that although I don't have anything against Diaspora, there's a strong sense of dot-com naievety in the web site and the press reports that I've read. As someone once said in some movie I once saw sometime;

There's more to running a railroad than just laying down tracks, you know.*
Those of you who were around during the unfettered madness in the last stages of the dot-com boom should know better than simply to believe the hype here, and let me explain why.


Diaspora have nothing, they have some pledges of funding and apparently a bit of code that may or may not work.
Nothing bankable there, and no business model that I can see which will give any real investor even the promise of a return.
We've seen friends reunited fail to capitalise on the very similar oppportunity their idea created and the enthusiasm with which it was greeted, and that is because they chose to charge for parts of the service.
Anyone wanting to get into this space is going to have to burn through a lot of cash before they get a big enough audience to make money from by any indirect means, if they ever do.


If they've been pulling allnighters and sleeping under the desks their development methodology is unsustainable. I would consider myself to have failed in a big way if I had to ask someone to sleep under their desk, geeks need their beauty sleep if they're going to do a good job for you.
They're going to crash and burn if the don't fix that one. I know that some of the most sucessful dot coms have evolved from student's developing something on a shoe string, but they have largely been gamechangers.


Diaspora isn't a game changer. It is an evolutionary development of social networking.


They have a HUGE competitor in facebook. And potentially another in Google's OpenSocial. To paraphrase Oscar Wilde "To challenge one gorilla may be regarded as a misfortune. To challenge two looks like carelessness."


Privacy and security are not sexy, they won't sell this to normal consumers (c.f. industry insiders like ourselves) people like facebook, and don't really know or care about the the privacy issues.
You only have to read the comments on facebook's status update posts to realise that very many of their users have a very sketchy understanding (and thats me being flattering) of what the web is, never mind how it works.


Distributed is sexy, but only to sad geeks like you and me! The emphasis in "social network" is on social not network.
In practice this is going to manifest itself in questions like who will opeate a diaspora server? and how will I choose my diaspora provider?
Either that or there will only ever be one operator of diaspora, and the distributed thing will be obsolete from the start like so many internet technologies who's technical capabilities are sidelined by business and operational issues: The way we misuse "trust certificates" (I don't trust verisign, who the f**k are they?), they way that we don't use multi-hop SMTP because of spam, the way that theJ2EE servlet specification was never really adopted for anything other than http, the way that teleco's won't let us use our mobiles (cellphones) as modems, but they will sell us dongles.


They don't appear to own the domain name diaspora.com. A small thing, but perhaps a glimpse at a lack of joined up thinking?


And the big one ... Someone has to persuade all of the people who are happy using other social networks that they need to be bothered using diaspora.
Now I know that we've seen people move from bebo and myspace to facebook, but that seems to have been driven by two factors, one is the fact that facebook's offering is different, its a slighly different service, the other is the demographic, facebook targets (or seems to) an older demographic, producing the perception that myspace and bebo are for kids...
When I was a child I spoke as a child, I understood as a child, I thought as a child; but when I became a man I put away childish things.
...and that as facebook is more "grown up" it becomes cool to move your social network activity to facebook.
Where is the comparable hook that will attract people to diaspora? Privacy? give me a break!


The technology exists to create diaspora, but is there enough time?
It takes a lot more than a list of techical ideas to make a robust system. If all you needed was enthusiasm and an understanding of the technology most of us would be billionaires, and we know it!
Each one of their to-do's has to be implemented, that implementation will be beset with technical challenges.
Integrating them into a coherent single service adds a whole extra degree of complexity. This kind of development needs to be properly managed by people who understand the risks and know the trick of avoiding them.
Those people exist, I like to think I'm one of them, but the point is that their intervention will move the goal posts, and dilute the "purity" of the mission.

So, IMHO Diaspora may well be what the thinking geek would have liked facebook to be, but it is never going to replace it. Sorry, but there you go.

* (if you know what movie it is let me know!).


Wednesday, May 05, 2010

privacy, what privacy? do I look like I care? the jury is out.


I've recently added the much talked about facebook "like" button to this blogger blog. (For those that are interested the code is at the bottom of this post)

And as I was doing it I wondered how to gain access to the stats this will inevitably collect. I don't have the precise answer to that one yet, but I did find some interesting things on the Facebook Query Language page.

Just for example, this link https://api.facebook.com/method/fql.query?query=SELECT%20total_count%20FROM%20link_stat%20WHERE%20url=%27blog.killerbees.co.uk/2010/04/no-i-dont-have-my-ipad-with-me.html%27 will show you how many times that blog post has been shared on facebook.

Why don't I care that this information, and a whole lot more, is in the public domain? Mainly because I assume that if I use facebook everything is available to everyone and I should be careful what I say, we need to educate each other, as we do with our kids, not to post things online that give away the secrets of our private life.

But also because facebooks attempt to predict the result of the election (here) has predicted a victory for the lib-dems.

This is something that is clearly not going to happen, but is also something that a quantative approach to predicting the election will always come up with. Why? Hopefully its because we lie to pollsters, even if that includes lying to ourselves. We're not rational or very sane, and as long as we don't publicise information that can be used to harm us predicting future behaviour using facebook data is no better or worse than using any of the other sources of information available.

Why should I be worried? The one doubt I have in my mind is that it would be possible to track all of your associations, and you may not want me to know who your friends friends are, or what interests you share, particularly if your friends achieve notoriety or your shared interests reveal your social circles in an unfavourable light.

That fb code:

1st put these in the top of the template html, I had to put them directly under the opening "head" tag to stop blogger from removing them.

<meta content='your site name goes here' property='og:site_name'/>
<meta content='your app id goes here' property='fb:app_id'/>

Then put this beneath your posts, look for div class='post-footer', you may need to "expand widgets"

<div id='fb-root'><div/>
<script>
  window.fbAsyncInit = function() {
    FB.init({appId: 'your app id goes here', status: true, cookie: true,
             xfbml: true});
  };
  (function() {
    var e = document.createElement('script'); e.async = true;
    e.src = document.location.protocol +
      '//connect.facebook.net/en_US/all.js';
    document.getElementById('fb-root').appendChild(e);
  }());
</script>

<fb:like action="like" colorscheme="dark" expr:href="data:post.url" layout="standard" show_faces="true" width="500">
</fb:like>


Thursday, April 08, 2010

No I don't have my IPad with me...


Ok, this morning when I arrived at work there were a stack of IPad's waiting to be unpacked and dealt with, and I got my first taste of the Thing Everyone Wants.
I have to say I'm left feeling "Meh" about the whole thing.
For one thing it is pretty heavy to hold, I wouldn't want to  sit and read one instead of a book or a newspaper, in fact I can't even read electronic stuff on the train with it instead of with my phone, 'cos its not connected.
I can't even rest it on my lap at an acceptable angle unless I prop it up with a pen and two blobs of blu tac (that actually works quite well by the way, and you heard it here first). So:
  • I'll keep my ipod nano thx, because it slips into my jeans pocket,  I can hold it in my other hand while strap hanging on the tube, and I won't need to find somewhere safe to put it when I get wherever I'm going.
  • I'll also keep my phone, because I can use it to call people, txt them, twitter, facebook, email and surf the web while I'm on the train or outside, and indoors without paying for wifi access.
  • I also have my wallet, 'cos it has my cards and stuff in it
  • And I'm keeping the fags, 'cos a man has to have one vice.
Which means I could always use the 'pad as a handy tray for carrying them all around on.
I like it as an artifact, but I think its clear that however more portable it is than a laptop the 'pad isn't a mobile device, and given the choice I think I'd keep my hp mini netbook for surfing the web in my kitchen or using public wifi.


Tuesday, February 16, 2010

What can we infer from this Oracle statement on java.sun.com?


Oracle is reviewing the Sun product roadmap and will provide guidance to customers in accordance with Oracle's standard product communication policies. Any resulting features and timing of release of such features as determined by Oracle's review of roadmaps, are at the sole discretion of Oracle. All product roadmap information, whether communicated by Sun Microsystems or by Oracle, does not represent a commitment to deliver any material, code, or functionality, and should not be relied upon in making purchasing decisions. It is intended for information purposes only, and may not be incorporated into any contract.
Now I'm not a lawyer but this would seem to imply that Oracle reserve the right to abandon any commitment that Sun may have made over the future of Java and anything that may have been commited to via the JCP.
Knowing Oracle this will involve abandoning anything that doesn't generate revenue.


Quote of the [specify time period]


No awards for a while, but today Tim Bray made me smile on twitter with this comment on the HTML5 shenanignas

This is getting weird even by Standards standards.
Have an award Tim.


I know nothing, I'm not a fortune teller, and you'd be insane to think that I am. This disclaimer was cribbed from an email footer I once received. It is so ridiculous I had to have it for myself.

Statements in this blog that are not purely historical are forward-looking statements including, without limitation, statements regarding my expectations, objectives, anticipations, plans, hopes, beliefs, intentions or strategies regarding the future. Factors that could cause actual results to differ materially from the forward looking statements include risks and uncertainties such as any unforeseen event or any unforeseen system failures, and other risks. It is important to note that actual outcomes could differ materially from those in such forward-looking statements.

Danny Angus Copyright © 2006-2013 (OMG that's seven years of this nonsense)