Jason Spence
[Recent Entries][Archive][Friends][User Info]
Below are the 20 most recent journal entries recorded in the "Jason Spence" journal:[<< Previous 20 entries]
|
10:16 pm
[Link] |
SQL Server 2005 Express Edition
With Vista, Microsoft seems to have finally thrown support for Microsoft SQL Server Desktop Engine out the window. I have a Microsoft product that depends on a SQL Server compatible database for installation, and it flat-out refuses to install on Vista using MSDE 2000. I grabbed SQL Server 2005 Express Edition instead, and while looking for the download link I couldn't believe how much other stuff the SQL group is giving away.
For starters, there's a SQLite competitor called SQL Server Compact Edition, a free day of video training on how to use the product, a $49 developer edition with all the features of Enterprise Edition, a reporting tool to make quick reports from the data, and lots of other stuff.
If you don't mind being locked into Windows, that means you can get an account on a Windows Server 2003 box and throw up a whole web serving stack (IIS, ASP, SQL Server Express, C#), for nothing but the cost of the OS. With the cost of Windows Server 2003 Web Edition licenses dropping past $250 because Windows Server 2008 is about to come out, this might be a great idea for folks who don't need or want to know anything about Unix. If you get a hosting provider to amortize the cost of the license for you, it's even cheaper than that.
By the way, you really do need a Windows Server 2003 license. You can't weasel out of this by using a cheap XP or Vista license, since both products include a clause in the EULA saying you can't use them for "commercial hosting." (Vista EULA section 8, XP EULA section 5).
|
|
11:28 pm
[Link] | My Thinkpad T61 is a great product except for the default Windows software load, which stinks pretty bad. Something that's been bugging me for a while has been display artifacts when playing back full-screen video on the Quadro 140M in my model. I just fixed it by twiddling with the Nvidia control panel settings and disabling the PowerMizer feature.
|
|
08:00 am
[Link] | Linux Weekly News is running a series called What every programmer should know about memory, which discusses many topics that are somewhat critical to understanding what's going on in your computer. The text applies to all operating systems, not just Linux, and is well worth your time to go through. Some of the effects described are only going to become more prominent in the next few generations of silicon, and you should be aware of them so you don't do anything silly on your next project.
|
|
08:00 am
[Link] | The other day I had to talk to a Force 10 Networks switch, and I typed "help" at the IOS-like CLI prompt. I got this back:
Special keys:
DEL, BS .... delete previous character
Ctrl-A .... go to beginning of line
Ctrl-E .... go to end of line
Ctrl-F .... go forward one character
Ctrl-B .... go backward one character
Ctrl-D .... delete current character
Ctrl-U, X .. delete to beginning of line
Ctrl-K .... delete to end of line
Ctrl-W .... delete previous word
Ctrl-T .... transpose previous character
Ctrl-P .... go to previous line in history buffer
Ctrl-R .... rewrites or pastes the line
Ctrl-N .... go to next line in history buffer
Ctrl-Y .... print last deleted character
Ctrl-Q .... enables serial flow
Ctrl-S .... disables serial flow
Ctrl-Z .... return to root command prompt
Tab, command-line completion
Exit .... go to next lower command prompt
? .... list choices
Except for the history related stuff, this is a good list of the "standard" control codes that you should expect to be supported by a modern interactive shell. Unfortunately, much of this knowledge is spread over several standards, so most people tend to pick it up by word of mouth when they work in a multiplatform environment. For example, most of the movement commands can be found in the Bash manual, C-s and C-q come from ASCII, C-z comes from Cisco IOS's use of the DOS convention (which in turn is DOS trying to play nice with CP/M), and the DEL and BS mess is familiar to anyone who's used Linux for a while.
I had to write the server side of a terminal implementation for an embedded system once, and it was a pain in the ass trying to find references for all these control codes I've picked up over the years. It's nice to see them all in one place for a change.
|
|
08:00 am
[Link] |
Sun: Great engineers, marketing... not so much.
I went to go check my email the other day and found this waiting for me:From: Sun Microsystems <engage@mail.communications.sun.com>
Subject: Buy $99 Solaris OS support, get $50 for dinner
Sun Microsystems
GET SUPPORT. GET SUPPER.
Buy a Solaris Subscription and enjoy dinner on us
What the hell? At first I thought it was a prank, then the email rapidly turned into the usual Sun corporate communications lulz and I realized this was a serious offer from them:We're glad you're up and running on the Sun Solaris 10 Operating System! Now for a limited time, purchase a Solaris Subscription: Basic Service Plan for $99 (a $240 value) and get great support plus $50 in restaurant gift certificates.* Or buy discounted Standard or Premium subscriptions and get up to $200 in dining gift certificates.
Learn More...
http://communications1.sun.com/r/c/r?2.1.3J1.2T%5f.11Oo6U.CHA..N.Ekn0.1qmy.DabMEac0
* I'm Ready for Dinner!
http://communications1.sun.com/r/c/r?2.1.3J1.2T%5f.11Oo6U.C5A..N.Ekn0.1qmy.DabMEac0
Not interested? Let us know.
http://communications1.sun.com/r/c/r?2.1.3J1.2T%5f.11Oo6U.CA..N.ElKA.1qmy.DZJQEaL0
Maybe they're trying to say something about Solaris users...?
I was talking to some guys at an office near Stanford the other day and their Director of Engineering guy with the cool British accent [1] told me a funny anecdote about how one time at Sun his old boss Mr. Ponytail tried to convince a key Linux engineer to stay with Sun instead of leaving to do Linux stuff at Google. Mr. Ponytail did this by babbling on about how Linux is a stack of poop lasagna compared to Solaris, which of course just pissed the engineer off even more. Oops.
Reading the OpenSolaris code and the Solaris Internals book, I've come to respect Sun's technical staff, but clearly their external communications need a little work. Because it's really funny, I'm going to pull this infographic out again, courtesy of Ars Technica: 
I think that Apple has it all figured out with their Hollywood release model, where they shout RA RA iProduct yaaaaaay iProduct as loud as they can and everyone talks about how awesome the iProduct is and then they queue up for a place in line so they can give Steve Jobs fat wads of cash. No one ever gets excited about things like Thumper or dtrace. Then again, I guess it's kind of hard to make backend server stuff sexy in the same way the iPhone or the iPod are sexy. It's been tried, but it just does not work:
[1] Lately, all of my project supervisors have been tall British guys with strong accents, and it kind of weirds me out, like there's a secret society that's trying to take the Union back. Oh wait, the PM for the current project I'm working on is a Scot, but that still counts since he's from the UK. (Yes, I know it's a different country, but I'm a dumb American and all you guys sound the same to me.)
[edit] Oops, I've been told Scotland is not actually another country and a Scottish accent is really quite different from an English accent if I would bother to pay some damn attention :)
|
01:19 am
[Link] | Earlier today I had to give someone a file from a unix machine, but he was behind a NAT box and all I had was python. What to do?[jspence@somewhere /home/me/somewhere]$ python2.4
Python 2.4.4 (#2, Oct 18 2007, 10:08:13)
[GCC 3.4.6 [FreeBSD] 20060305] on freebsd6
Type "help", "copyright", "credits" or "license" for more information.
>>> import SimpleHTTPServer
>>> SimpleHTTPServer.test()
Serving HTTP on 0.0.0.0 port 8000 ...
The web server that gets started serves up the contents of the current directory, with protection against all the usual things like directory traversal and CGI execution.
|
|
05:35 am
[Link] | Earlier this week I borrowed a labelmaker from someone to label a CD, and in turn they asked me where a good place to put the label would be. She wasn't quite sure where the data was on the CD, and thought putting the label on the top might be bad since the data might be there.
The data actually is on the top side of the CD, but there's usually some coating there to keep your grubby fingers from messing it up with a label. Maybe a picture would help:
| Polycarbonate |
| Label |
| Aluminum data layer |
Polycarbonate
|
Most people see this and think, well that's stupid, the laser is shining on the bottom of the CD so why not put the data closer to the bottom? Why is there all this plastic in the way?
It's for the same reason you can drive in the rain. The engineers who designed the original compact disc specification knew that if you focus on something far away, small objects in the way blur out and become invisible. When you're driving in the rain, your eyes focus on the road ahead of you and stuff on your windshield disappears. If you deliberately focus on a windshield while it's being rained on (park your car first), you can see that the rain is really kind of annoying unless you focus on objects past it.
The thick polycarbonate layer between the laser and the data layer ensures that any dirt on the bottom of the CD will be on the laser's "windshield," and the laser can focus on the data down the road.
 These days, the new 400 nm optical recording media have data densities so high that this simple model doesn't cut it anymore and the discs have become pretty complicated. The picture over to the right is what Verbatim says their Blu-ray discs look like these days. I haven't read the Blu-ray specification so I don't know what the dielectric layer is for, and it's probably going to bug me until I figure it out. There's certainly a good reason for it, but seeing it in this context is like seeing a part labeled "Cuisinart" on my bicycle.
|
|
08:00 am
[Link] | One of the style things that programmers in {}; (C, Java, ...) languages run into when they enter the real world is the fight to have exceptional or non-exceptional code first. An example of exceptional-first:
rc = dostuff();
if(BAD(rc)) {
goto out;
}
rc = do_more_stuff();
if(BAD(rc)) {
goto out;
}
rc = yet_more_stuff();
if(BAD(rc)) {
goto out;
}
finish_up();
out:
if(did_stuff) { free_dostuff(); }
if(did_do_more_stuff) { cleanup_do_more_stuff(); }
if(did_yet_more_stuff) { undo_yet_more_stuff(); }
The other way:
rc = dostuff();
if(GOOD(rc)) {
rc = do_more_stuff();
if(GOOD(rc)) {
rc = yet_more_stuff();
if(GOOD(rc)) {
finish_up();
}
undo_yet_more_stuff();
}
clean_up_do_more_stuff();
}
free_dostuff();
There are many arguments for and against either style, and I'm going to analyze them over the next few days. For now, think about your initial reactions to both styles.
|
|
02:20 pm
[Link] |
And you thought your job was hard
|
08:00 am
[Link] | To compensate for yesterday's post, here's something useful. Consider an ASCII letter, like A. A is 0x41 in hex, or 01000001 in binary. Lower-case 'a' is 0x61 in hex, or 01100001 in binary. Notice something? Check out bit #5:01000001 A
01100001 a
That's right, they differ by only one bit. That's true for the entire alphabet in ASCII, and you can take advantage of this by setting or masking bit #5 as appropriate to upper-case or lower-case a character.
When reverse engineering, the hex sequence 0x20202020 or 0xDFDFDFDF (four bit #5's) sometimes shows up in string manipulation code because the program has inlined an upper-case or lower-case routine. 0x20 is also the ASCII space character, so it might be something involving spaces too. Use common sense to figure it out.
I learned that from David Topham in the mandatory x86 assembly class at Ohlone College. I don't think I ever learned anything that practical at Berkeley, and I sometimes think of this when people say bad things about the California Community College system. I've seen the Calculus classes at both schools, and I have to say that I think the Ohlone classes are a hell of a lot better than the ones at Berkeley. Maybe I would have done harder problems, but dammit, I learned the Calculus at Ohlone. At Berkeley they seemed a lot more interested in using them as weeder courses.
|
|
05:23 pm
[Link] | I can't believe it, but it's still logging me out. It actually triggered the suspend timer and I had to wake the machine back up.
|
02:10 pm
[Link] | I rebooted my Vista dev box about an hour ago to finish installing some patches. This usually closes all the applications and briefly displays "logging out" before jumping to the BIOS's entry vector. Instead, it's been displaying "logging out" for over an hour now and the hard drive is going crazy with what sounds like random I/O. I can't even connect to the box because the window shutdown flag has been set and the kernel won't let things like tlntsvr spawn new processes.
I thought that some of the people who have been complaining about Vista were just whiny, but I'm beginning to suspect that avoiding Vista might be a wise decision. Some of the features are genuinely useful, like shadow copy and cancellable I/O, but losing access to my box for an hour trumps any marginal productivity gains.
It's still going...
Current Mood:  annoyed
|
08:00 am
[Link] | Never underestimate the comedic value of a well-timed fart:
|
|
08:00 am
[Link] | Someone on IRC requested that I add a PRIVMSG feature to my NMS so that the IRC bots that represent each of my servers stop talking about operating system patches once a month in the IRC channel where we meet. He said that it reminds him of bunch of girls having their period, and he's kind of right:[NMS_master][04:01]Who has patches?
[xxxxx6][04:01]I have 7 patches.
[xxxxx2][04:01]I have 7 patches.
[xxxxx17][04:01]I have 7 patches.
[xxxxx06][04:01]I have 7 patches.
[xxxxx22][04:01]I have 7 patches.
I looked into patching the IRC library, which is pretty old by now, and ended up just bolting irclib.py onto my existing interface instead. The original IRC library was written in C, and I surprised myself by switching over to python in the course of an hour or so. It's a hell of a lot easier to deal with than Perl's XS mechanism, which requires you to learn a new language to define the C to Perl mappings. In Python, you just embed the python interpreter and call PyEval_CallObject. You still have to do manual reference counting, but the Boost guys seem to have a library which takes care of that for you.
|
|
08:00 am
[Link] | I interviewed at a big company here in the Bay Area earlier this week, and despite what everyone says about their interviews, I came away thinking that I wasn't very challenged by it. I ended up teaching one of the interviewers about UML and chirality, and had a few good laughs over lunch with another fellow. Most of the other interviewers seemed eager to get back to what they were doing.
One thing bothers me: I received what I thought was a very nice offer from a little startup that's doing some super-cool stuff, and when I mentioned the number to one of the interviewers, he said something like "and then when you finished laughing..." which makes me think my idea of what a reasonable W-2 salary is might be incorrect. The last time I received a W-2 was when I worked for my high school cafeteria, so I have no idea what I'm supposed to be paid for a "real job", other than to subtract 25% from my 1099 rate and multiply it by 2000 (roughly the number of full-time work hours in a year and a handy number to know).
One constant in all these interviews is that quite a bit of what I learned for the CTF competitions at DEF CON etc seem to be considered black magic guru type things by regular programmers. For whatever reason, questions about many of those subjects make good interview questions and I hear them a lot.
I'm not going to quote any actual interview questions, but some examples might be:
- How are destructors for static global objects implemented in C++?
- What is the value of an automatic-class variable declared in C?
The answers are:
- Usually there's a
.dtor (destructor) section emitted by the compiler's infrastructure junk, and it contains a list of function pointers to the destructors themselves. Since they take no arguments and return nothing, the shutdown code just calls each routine in order. This technique is used to execute arbitrary code in situations where you can only overwrite a single pointer-sized chunk of memory, and have the ability to dump a payload non-destructively in the process's memory space.
- This is a doubly tricky question. The answer to someone who thinks they know what they're doing is that the value is random since it's a stack variable. The correct answer is that it is either zero because the routine is using space from zeroed pages at the top of the stack, or they will be values from routines that have already used space from that part of the stack. This fact can be taken advantage of in all kinds of ways for stack-based overflows. The values are absolutely not random, and if you can nail down a call graph (and there's no use of
_alloca()...) you can predict what they will be with startling accuracy.
Anyone outside the security community would consider either fact to be deep black magic, unless they've implemented a compiler or something. It just goes to show that learning how to attack can often be the best way to defend.
You know, I think there's a sound bite of me saying something like that on a San Diego news show, but I don't feel like putting a video of me in my stupid convention costume on my blog. The sound bite is something like "sometimes the best way to build a better bank vault is to try to break into one," which is something I pulled out of my butt when the interviewer lady popped the "anything else?" question after the usual ones. If you ever hear that, it's code for "we didn't get a good sound bite when you were babbling earlier, so throw us a bone here."
|
|
08:00 am
[Link] | I got a little annoyed at Vista's sluggishness earlier today, and went to go buy some more memory for my dev machine. After upgrading the thing to 4 GB, I booted Windows and found it had capped the physical memory at 2 GB. It turns out that the nForce4 chipset in the machine won't map any more memory than that without enabling long mode, and that requires Vista x64.
So I burned a x64 DVD from MSDN, and found out that I can't do an in-place upgrade of Vista x86 to x64, which sucked. I don't really feel like backing up the drive and doing a restore, because the machine has something like 750k files on it due to all the source code trees I'm working on at the moment and I really don't feel like not having a dev machine for a day or so while everything gets copied.
Now I'm not a really impatient guy, but Vista is seriously slower than XP on my hardware. The Windows I/O situation was supposed to stop sucking now that the Vista kernel has I/O prioritization, but things like the search indexer are still interfering with interactive performance. The hardware isn't the problem; it's a decent processor with more RAM than it needs, an Nvidia 7800 GTS and 150 GB Raptor (which StorageReview thinks is the fastest thing you can get for single-user use). I also have 2 GB of crazy fast ReadyBoost flash going. But I still get these weird multi-hundred-millisecond pauses when doing utterly trivial things like clicking on native buttons in the Mozilla project I'm working on, and it really bugs me >:(
|
|
08:00 am
[Link] | I was screwing around with the dev tools on my new Mac OS 10.5 install, and decided to build a four-architecture MACH-O binary, because why not. Hello world for 32-bit PPC is only 8k, and the four-architecture version was only 50k, which I thought wasn't too bad. The java one was a couple hundred bytes though, which I thought was kind of neat.
The man page says that the only options for Apple GCC's -arch flag are x86, ppc, and ppc64, which is bogus. To get 64-bit x86, say -arch x86_64.
I kind of want to run 64-bit 10.5 to learn more about how Apple is dealing with the usual 64-bit vs 32-bit implementation stuff, but I don't own any 64-bit macs. Maybe someone can make me an account on their box?
|
|
08:00 am
[Link] | I went over to a friend's house for lunch the other day, and he was playing Halo 3 on his big TV. During one of the scripted sequences, I noticed Miranda Keyes walking down a flight of stairs, and was kind of surprised that Bungie chose an animation loop for the job. I guess the advanced skeletal models in the things I've been looking at lately have spoiled me (*cough* Source *cough*), but seeing the character model airwalking like that was kind of jarring. This goes double because of all the hype Halo 3 has gotten.
Basically, this technique is a cop-out. The way it works is you have your character model go into its animation loop for walking, then you start moving the model in a line from point A to point B (in this case, from the top of the stairs to the bottom). On a flat surface this looks fine, because your standard walk animation has the feet start and stop on a plane perpendicular to the character's vertical axis. If this plane is the same plane as the ground the character is walking on, you're good.
But with stairs, it's a little more complicated because it's not flat. You can model it as a slope which has a flat surface (picture a slip-and-slide), but that's not reality. In reality, they're stairs! The character has to put their feet on them, and that requires all kinds of messy physics stuff, constrained skeletal animations, that kind of thing.
The other day, I saw that there's a company named NaturalMotion that has a product called Euphoria that does most of this stuff. One of the things I learned when I was studying computational physics was how very non-parallelizable these kinds of simulations are. You can run the physics stuff itself in another thread, but the physics calculations themselves generally involve solving matrices of coefficients to differential equations representing the different force vectors affecting the object, and they all have to be done at the same time. You also have to run the calculations several times per second, and the results have to be fed into the GPU before it can even begin rendering the frame! I'll bet the NaturalMotion guys had a great time trying to meet their performance numbers on single-core machines.
While getting the URLs for the above links, I noticed that it looks like LucasArts is going to be using Euphoria for Star Wars: The Force Unleashed, which I hadn't heard about until today. The trailer on their start page is super-duper kick-ass, and you might want to go have a look at it if you're into that kind of thing. They really show off the physics component by having the character throw stormtroopers every which way.
I also had a bizarre idea: thinking about whatever health care problems The Empire has with its stormtroopers kind of puts our country's much smaller ones into perspective.
|
|
08:00 am
[Link] | The other day, I had to have a shell script sleep for a little bit of time on a embedded Linux box. I couldn't figure out how to do it with the available tools on the box, so I wrote one:#include <sys/time.h>
#include <sys/types.h>
#include <unistd.h>
#include <stdlib.h>
#include <stdio.h>
int main(int argc, char * argv[])
{
struct timeval tv;
if(argc < 2) {
fprintf(stderr, "Usage: usleep MICROSECONDS\n");
return EXIT_FAILURE;
}
tv.tv_sec = 0;
tv.tv_usec = atoi(argv[1]);
return select(0, NULL, NULL, NULL, &tv);
}
|
|
09:33 pm
[Link] | The last few weeks have sucked a little for me, because quite a bit of infrastructure has been going up and down. First, Verizon decided to move a cell tower, so my EC/I_o rating for my EV-DO radios has gone from about 2 or 3 to about 20 or so. Right now, it's 19. I ended up cancelling my Verizon service because I'm working from home on this current contract and I didn't feel like paying $120 a month in fees for something I'm not using. Besides, I'm going to convert to Sprint SERO in the near future.
Then, Comcast tells me that there's a problem with my cable modem, and takes a week to tell me that the "problem" is that it got cloned and they need to replace it. The replacement didn't work too well, and they missed a truck appointment earlier this week to replace the replacement, so I'm currently doing some pretty wacky wireless things to get online at the moment.
Today, I woke up and heard all the UPSes in my downstairs computer farm beeping, because the power was out. PG&E took their sweet time figuring out what was wrong, and they finally found the problem at about 6 PM:
That's a feeder cable that goes from a maintenance switch to the residential transformer at our complex. The burnt part is where the cable shorted out, possibly due to some wiggling incurred during the earthquake earlier this week. In the meantime, I happened to have a generator that I was holding onto until my friend could pick it up, and I'm using it to power a few things for my neighbors, like lights and and a big wifi access point. PG&E says it may take a day or so to fix the connector, so I'm digging in for a while.
One nice thing about the outage is that the 2.4 GHz spectrum is unbelievably clear in my complex right now. The noise floor dropped below -100 dBm, which is the first time I've ever seen the spectrum that clear around here. On a typical day, it's more like -85 to -90 dBm and there's easily a few dozen 802.11 beacons visible at any point in the complex. At the moment though, I've got the only working access point and I can connect to it from a block away!SSID: "Emergency Wireless"
Mode: Managed RSSI: -65 dBm noise: -101 dBm Channel: 1
|
[<< Previous 20 entries] |
![[info]](http://l-stat.livejournal.com/img/userinfo.gif){kind=small}
jspence's journal