Monday 23rd May 2005
Seizure Robots and Website Design
You probably already know about these coma inducing contraptions. The Simpson's fell victim to them on their trip to Japan and other references can be found all over the net, but here's the link again (WARNING! potentially lethal):http://www.seizurerobots.com/
Somewhat related, it might be interesting for web designers/developers to note how different cultural preferences can be. Tim pointed out a long time ago how most US/European corporate websites went for a neat, professional look while Japanese sites like to add lots of colorful animations and flashy lights, much like the above mentioned site. I remember one (big) client who insisted on having a hit counter, something you won't normally find on a professional website.
The situation is similar here in Pakistan. Though most local sites I've seen aren't as nauseus and irritating, they tend to use a heavy dose of Flash, images and Java applets despite bandwidth being as precious as it is. There is little interest in the use of CSS and it is considered too elaborate for anything but the biggest sites.
Sunday 22nd May 2005
Vi Cheat Sheet Bib
Via Stuart's post on a mailing list, a vi reference bib for the baby geek:http://www.cafepress.com/geekcheat.11507926
"The reference chart is printed upside-down so the baby geek can easily read the commands (if they can read) while wearing the bib!"
It could be a hint (Stuart's birthday is coming up soon), though I hope it's not for Zen. He's almost 10 months old and if he still requires a cheatsheet, then his daddy has some explaining to do. ;)
Friday 20th May 2005
Google now has an option for a personalised page where you can view your favorite stocks, news sites, weather info and a lot more:http://www.google.com/ig
I occasionally use My Yahoo for the latest stock quotes and it does have a lot more functionality, but Google's page is much simpler and customizable. If they add a few more things, such as RSS viewing and a bookmarks option, I'll definitely start using it a lot.
OpenID - A distributed and open single ID system
OpenID allows you to authenticate yourself to sites that support OpenID without having to remember or maintain dozens of separate logins. It's basically meant for blogging sites that require authentication for leaving comments (such as LiveJournal), but should be made to work on any site.
The main advantages over other methods, such as Microsoft's Passport, are that it is open, distributed and not under the control of a single entity.
Doesn't look like it will be easy to setup on your own site, but I'll give it a try. These days, I let Firefox store all my authentication data, but when using different systems or after system cleanups, I have to try to find out what username/password I had entered which is tedious and time-consuming. There really is a need for a simpler, more global mechanism and OpenID might be it.
Tuesday 17th May 2005
Around this time last year, I ventured to start daily jogging in a park near my office in I-8 since I had stopped almost all physical activities for quite a while. This was going pretty well when I realised I'll be spending more time in ETC. I was even happier since I heard a lot of people there regularly went for hiking in the evenings, though it turned out that that was before everyone got busy. By the time I was there, they had stopped going altogether.
After a long bout of procrastination, yesterday I brought along my hiking boots and shorts to the office and decided it was now or never. In the evening, I grabbed Majed and just went straight to Trail No. 3, the base of which is about 5-10 minutes drive from the office. Apparently, it's a pretty popular trail and there's even a legend about Buddha stopping here for meditation during his travels to this region.
Despite being in quite an unfit state, we decided to take the nearly verticle "fireline" path instead of the main winding one. Bad idea. Very soon both of us were out of breath and Majed was having trouble controlling his legs. Though he didn't reach the hut at the top, I made it and was rewarded with an astonishing view of Islamabad at sunset and a great feeling of accomplishment. The ride, or more like rush, back down was bumpy and more dangerous, but still fun. Quite a few times, I I had trouble keeping myself from slipping on the loose stones.
I hope this becomes a regular thing and am trying to entice more people to join. Will have to find a tougher path soon. See ya at the top.
Thursday 12th May 2005
More on SSH and potential exploits
I've played a lot with SSH and though haven't experienced a single compromise through it, I still don't trust the default settings much. The first thing I do after setting up a server is disable direct root login through SSH (by setting "PermitRootLogin" to "no" in sshd_config). It creates an extra layer of security and makes accountability easier (may be worth mentioning that Bash 3 has a history timestamp feature which further eases this).
Next, I change the default port (tcp 22) that the SSH daemon runs on. Though some people might not agree with this, it would deter such things as worms and automated breakin attempts. Other things you can do to increase security include using the "AllowUsers" option to limit the accounts that can login and from which IPs/networks. Here is an example:
AllowUsers sajjad firstname.lastname@example.org email@example.com.*.* firstname.lastname@example.org
This example allows user "sajjad" to connect from anywhere. User "eggs" can connect only from the IP 172.16.123.123 and the 172.17.0.0/24 subnet. User "spam" can only connect from the IP address 172.17.134.31. All other users will not be able to login, even with the correct password/key.
Another useful thing is to disable password logins altogether and
stick to using SSH keys which makes brute-force password attacks
useless. I used to do this by just creating a user, copying the key of
the allowed user to "~
Lastly, you can use iptables (or an external firewall) to restrict access to allowed IP addresses or networks. This would prevent attackers coming in from other IPs from accessing the running SSH daemon and exploiting a newly discovered vulnerability. Combine all these together and you have a virtually unbreakable server.
Note: The above have settings have been tested on OpenSSH (upto version 3.9p1) and may not be available on other versions.
Friday 6th May 2005
Beam me some Metallica, Scotty
Here's something that might come in handy when you want to punish one of your minions by making him listen to your singing without driving the others to rebellion. Naeem sent me this story about a soundless sound system, developed by Elwood Norris, an inventor who has also developed a flying scooter.
It claims that the "hyper sonic" sound can be "pointed" to any person, something like a torch light, without anyone but the person hearing it in their head. Sounds far-fetched doesn't it? That's why I'll group it together with the perpetual motion machine invented by a Japanese musician and Dean Kamen's overhyped "it" until I try it out myself.
Skepticism aside, I would like to see if this sounds anything like the other voices in my head. Can already imagine the possibilities of such a device. Much better and focused LAN gaming, power honks that teach those road hogs a lesson without annoying other drivers, speaker or mobile phones that preserve privacy without the need for bluetooth or other handsfree devices.
Tuesday 19th April 2005
The bright side of Pakistan
Someone sent me a link to this news blog with comments along the lines of "no strikes, agitation, long marches or bad news. Just good news". It really is nice to see something positive about this country:http://dareecha.blogspot.com/
Something I've noticed since coming here is that things have improved a lot and are constantly improving in most places. Though it might not be best to let your guard down, the security situation is much better and there haven't been any big incidents in a while.
At least in and around the big cities, there's lots of development going on. There is cut-throat competition between mobile carriers which has made communications very easy. Technology is fast becoming affordable for the masses and the quality of IT professionals seems to be improving. There's even talk of an "Internet City" though it must still be in initial stages.
Just hope the traffic situation improves soon.