Author: sjan

Development

Music from chaos

A conversation with a coworker the other day got me thinking about ways to make our “noodling” a reality. We were trying to come up with a way to generate random music (defined by octave, step, and duration), while maintaining harmonic relevance. (In other words, we want to create music, not noise.)

We decided we should start with the following propositions:

limiting the tones to a pentatonic scale
limiting the octave range to that audible to humans
limiting the duration of tones to a maximum of one or two whole notes

Beyond that, the discussion turned to how to generate the random values. Since I have been reading about the history of Nonlinear Dynamics (chaos) lately, my first thought was, of course, to generate the values for octave, step and duration by using a set of non-linear equations. So, of course, the first choice would have to be the Lorenz “butterfly” equations .

So, the plan is to calculate the values, convert them to MIDI values and write them out to a file using Python. Since the outcome of the equations relies on the starting conditions (Sensitive Dependence on Initial Conditions – also called the “Butterfly Effect” ) we thought that we could use starting values such as the current Temperature, Barometric Pressure and Humidity, or perhaps Date, Time and processs number, or counting Buicks, Chevys and Fords in the parking lot. Pretty much any 3 starting numbers.

Security

China’s Firewall Breached

Researchers from the University of Cambridge computer laboratory have announced that they were able to successfully bypass the restrictions of China’s firewall, and found a DOS vector at the same time.

Richard Clayton , (UC computer lab) explained that when a keyword is found in a packet. the routers let the traffic through, but send resets to both sides of the connection. Ignoring those injected reset packets at both ends is trivial and renders the firewall completely ineffective.

On the other side of the coin, since the firewall uses stateless packet inspection to search for keywords, a forged packet containing one of these keywords, with a source and destination IP belonging to say, a Chinese goevernment website and a Chinese embassy somewhere, would effectively cut off all communication between those two endpoints for up to an hour. Unless, of course, they are also bypassing the firewall and (by doing so) the restrictions placed by the government they represent.

Linux

SourceForge Enterprise Edition

If, like me you spend a lot of time on SourceForge and wish you could harness the SF functionality in your own development environment then this is for you. SourceForge has released SourceForge Enterprise Edition 4.3.

This is a VMWare Virtual Appliance that allows for up to 15 free users. I haven’t put it to use yet, but I will be implementing a test of it (hopefully) sometime this summer at work to see how well it meets our development, project and bug-tracking needs.

If it is all it promises to be this may be one of the most useful tools for small-team distributed development ever.

Security

FUD or Failure?

While not exactly in the arena of what is meant by “Network Security,” I just couldn’t resist commenting on the failure of the U.S. House of Representatives to include Net Neutrality in the COPE (Communications Opportunity, Promotion, and Enhancement – H.R. 5252) Act here. (story)

So why would I post this in security? With telcos given the option of giving bandwidth priority to some sites or content types without penalizing them, and with the possibility of telcos charging customers extra fees to access certain sites (as in sites that are on another carrier’s backbone connection) the security risk I see is to the free exchange of information. If AT&T gets a bug up their butt and decides that any content on Verizon isn’t as important as content on AT&T networks, they could throttle those links, effectively cutting their customers off from Verizon customers, and vice-versa. Then it is a simple matter to charge a “net long-distance” fee for customers to get some of that restricted bandwidth.

Will it happen that way? I don’t know. I would hope not, but given the behaviour of the telcos over the past few years I wouldn’t put anything past them at this point.

Security

Disposing of old hard drives

Before you toss that old hard drive out stop. What information is on there? How about your personal information? Banking information? Maybe even some incriminating or embarrasing pictures, emails or documents?

Now that you are thinking about what may be contained on that drive, how hard would it be for someone else to pick it up and slap it in a machine and pull that information off? Not hard at all.

There are several ways to make sure that the data on the disk is not (easily) recovered. One way is physically destroy the device. One common practice for physical destruction is to drill the case, and straight through the platters (they may shatter and/or throw off shards so be sure to wear proper eye protection.)

Many stores offer to do this for you when you upgrade your hard drives. There is nothing wrong with letting the store do this for you, but make sure you watch every step of the process or you may end up surprised like the couple in Springfield Township, Ohio. They trusted their local Best Buy store when they were told that the drive would be destroyed, but got a phone call a year later from a gentleman in Chicago who told them that he had just bought their hard drive at a flea market, with all their data in tact.

If you are planning to pass your drive on rather than trashing it, however, there are a couple tools that may come in handy. One is Eraser by Sami Tolvanen. It can be used to overwrite files, directories, or entire drives with pseudo-random binary data. If you have more than one drive you want to wipe, however, it makes it difficult to use something like Eraser. In this case you can use Darik’s Boot and Nuke – you boot from the floppy or CD and it wipes the entire drive(s) installed in the machine.

Development

Smart Testing

Scott Sehlhorst (developer.*)has written a concise article on how to do smart software testing. While I have worked with non-technical people who wanted “full-coverage” testing of all builds, and have also worked with non-technical people who wanted to skip testing and just go live and “fix it in the field,” I have not previously had the numbers to say “yes, this has been tested and we are 99% confident that the application is 99% bug free.” Without having the numbers and formulae at hand the best I could previously say was “I am pretty confident that it is mostly bug-free.” Well, I know that the 99/99 numbers sound a lot more confident than that, and I am less likely to spend a week running tests to get as close to full coverage as possible now that I have this bit in my tool-belt.

Firefox

Google Calendar Notifier 2.1 released

Google Calendar Notifier 2.1 , by Nicholas Pike was released yesterday. If you use Google Calendar to keep track of your time this makes a handy way to interact with it via Firefox, which is my browser of choice.

This is a nifty little extension – get it now!

Open Source

OpenDocument Format now ISO/IEC 26300

Well, it finally happened! The Oasis OpenDocument Format (ODF) was voted in by ISO as ISO/IEC 26300.

Sounds like a boost for OpenOffice, KOffice, StarOffice and the rest! You can find the press release from the ODF Alliance on their news page.

Alaska

Weekend in Seward

We spent a beautiful weekend in Seward where we lucked out on the best weather of the year so far, and calm seas, and we got to go before tourist season really gets rolling.

I would highly recommend that anyone planning on visiting Alaska go to Seward, or Whittier, or Homer, or well, you get it – anywhere that they can find a boat tour. It doesn’t matter whether it is a wildlife or glacier tour – you are going to see both anyway.

We went on the whale-watching tour. Although we were late in the season for the migration we did see one humpback, even if it was only briefly. We had Dall porpoises playing in the boat’s wake and saw tons of birds and (of course) Stellar sea lions hauled out on the rocks.

Perhaps the best bit, though, was that as we were on our way back in, we ended up right in the middle of an Orca pod.

The low point of the trip: the “lunch” – airline style – with a bagel, single-serving cream cheese, a single-serving (.5 oz) piece of cheddar, and a cookie. You don’t always get the best meals on the boats, and so far, Renown Tours seems to be on the low end of that.

Major Marine Tours, however, does a great 6 hour tour later in the season that includes all-you-can-eat baked salmon and prime rib. I believe we had halibut on the Prince William Sound tour we took last year, but I’m not sure.

Music

Feeling the itch to compose

While I have been incredibly busy at work and busy with other projects, I find that I am missing composing. So I think that it may be time to get back to working on music.

With that in mind, I will no doubt be giving a few of my favorite online tools a workout. For things like modifying samples I use the audio tools at thewhippingpost.co.uk quite a bit. For things like finding odball sounds to work with of course I turn to Google. When it comes time for percussion inspiration I go to SHARE for African rhythms and Jas‘s Middle Eastern Rhythms FAQ. I use Anvil Studio for creating bass, melody and spheres, and then pull them into TiMidity to convert them to sampled wav files. Now, if I could just find an online idea generator . . ..

evardsson.com: stuff that w0rks