18 September 2013

Admiral General Aladeen's Rationale For a Dictatorship

I was watching the movie 'The Dictator' again on the plane a couple weeks ago. Although I had seen it before and knew it was funny, I was reminded all over again how hilarious it is to watch Sacha Baron Cohen poke fun at life. Here is Admiral General Aladeen's final speech in the movie on dictatorship vs. democracy, too damn funny:

Imagine if North America was a dictatorship:
  • You could let 1% of the people have all the nation's wealth
  • You could help your rich friends get richer by cutting their taxes and bailing them out when they gamble and lose
  • You could ignore the needs of the poor for healthcare and education
  • Your media would appear free but would secretly be controlled by one person and his family
  • You could wiretap phones
  • You could torture foreign prisoners
  • You could have rigged elections
  • You could lie about why you go to war
  • You could fill your prisons with one particular racial group and no one would complain
  • You could use the media to scare the people into supporting policies that are against their interests
Ahhh, the irony! 

04 September 2013

FizzBuzz in Perl One-Liner

Last week something caused me to remember the Obfuscated Perl Contest that used to take place back in the 1990s in The Perl Journal (all issues available here.

Here is FizzBuzz in a Perl one-liner. Why? Because I can.

perl -e 'for (my $i=1; $i<100; ++$i) {($i%3==0 and $i%5==0) ? print "FizzBuzz\n" : (($i%3==0) ? print "Fizz\n" : (($i%5==0) ? print "Buzz\n" : print "$i\n"))}'

25 July 2013


It's not a bug, it's a feature ;-).

02 July 2013

Ack is Better Than Grep

_   /|
   U    ack!
Several years ago I discovered ack from hackernews or somewhere like that. If you are a grep user, then you will love ack. Check out Better Than Grep to learn all about it. Ack written in Perl and, therefore, uses Perl regular expressions so it's damn fast compared to grep. So fast it's actually shocking. Below are some steps I used to install it via MacPorts. Please note that I was unable to find it after it was installed so I had to resort to manually creating a symlink to it in my ~/bin directory.
$ sudo port install p5-app-ack
$ which p5-app-ack
$ # No output from which -- so where is it??? 
$ sudo port list p5-app-ack
p5-app-ack                     @2.40.0         perl/p5-app-ack
$ # Well it did install something, so let's look at the contents of the package 
$ sudo port contents p5.12-app-ack
Port p5.12-app-ack contains:
$ # Aha! There it is in /opt/local/libexec. I will just symlink to it and be done. 
$ ln -s /opt/local/libexec/perl5.12/ack ~/bin/ack
$ ls -l ~/bin/
total 8
lrwxr-xr-x  1 bruce.snyder  128844131  31 Jul  3 15:32 ack -> /opt/local/libexec/perl5.12/ack
$ ack --version
ack 2.04
Running under Perl 5.12.4 at /opt/local/bin/perl5.12

Copyright 2005-2013 Andy Lester.

This program is free software.  You may modify or distribute it
under the terms of the Artistic License v2.0.
$ # Now I'm good :-) 
Happy Ack'ing.

07 June 2013

Remove/Reinstall of MacPorts

After trying to upgrade Mercurial to the latest version via MacPorts, I ran into some compilation issues with a couple dependencies that I could not resolve at all. After realizing that there were dependency resolution issues amongst different versions of dependencies for different ports, I decided to remove and reinstall MacPorts from scratch. This provided a clean slate and everything worked without a problem, though I was annoyed that I had to take this drastic action and spend the time to get MacPorts working again.

Bash Completion For Git

One thing that I ran into was another change to the bash completion and prompt for git. As I mentioned in a previous post about this topic, the location of the location for the git-prompt.sh file had changed but this time I discovered that I had to source both the git-completion.bash file and the git-prompt.sh file to get things working. Below is what worked for me.
if [ -f /opt/local/share/git-core/contrib/completion/git-completion.bash ]; then
  . /opt/local/share/git-core/contrib/completion/git-completion.bash

if [ -f /opt/local/share/git-core/contrib/completion/git-prompt.sh ]; then
  . /opt/local/share/git-core/contrib/completion/git-prompt.sh

Bash Version 4.x

As I was reinstalling ports I noticed some logging that flew by in the terminal stating something about a requirement to use Bash 4 for the bash completion functionality to work properly. So I decided to utilize the newer version of Bash installed by MacPorts and here's how:
  1. Add the path to the new bash (/opt/local/bin/bash) to /etc/shells
  2. Use the chsh utility to change the shell to the new bash: chsh -s /opt/local/bin/bash
  3. After closing the terminal and opening a new one, check the bash version using either of these methods:
    $ echo $BASH_VERSION
As long as the version displayed is the newer version from MacPorts, you should be ready to go.

Just for my own sake and in case I need it in the future, I'm going to list a number of items that I had to reinstall:

$ sudo port install git-core +bash_completion +doc +svn
$ sudo port install tig 
$ sudo port install mercurial +bash_completion
$ sudo port install gnupg curl wget ncftp tree pstree watch screen proctools mtr cowsay
$ sudo port install postgresql90-server
For more info about installing and configuring PostgreSQL, see my post titled 'Installing PostgreSQL 9.0 on Mac OS X 10.6.8 via MacPorts' that walks you through many steps to get PostgreSQL up and running.

09 May 2013

How To Switch From AT&T to T-Mobile

Just recently I made the switch from AT&T wireless to T-Mobile using my own iPhone 4s. Beyond some administrativa, all I had to do was purchase a T-Mobile SIM card and I was ready to go.

Somewhere back around 1999 or 2000, I switched to Voicestream Wireless (switching away from Airtouch Wireless). Sometime after that, T-Mobile acquired Voicestream and I stuck with this service until 2008 when I switched to AT&T so that I could get an iPhone. I always had great customer service from T-Mobile and I had excellent roaming in Europe where I traveled often at the time. Now that T-Mobile is supporting the iPhone I have decided to switch back. Given that T-Mobile recently announced its lack of requirement for a contract and better rates than AT&T, this only made it easier to drop AT&T.

I did experience some headache with the whole iPhone unlocking requirement, but it only cost me about two hours of time. Given that my iPhone from AT&T was a GSM phone, there was no requirement for me to purchase a new phone. I could have purchased a new iPhone 5 but based on some friends telling me that the battery life on it is pretty miserable, and the fact that there is not a compelling reason to upgrade, I decided that I don't really need it. (In fact, I have been toying with the idea of switching from an iPhone to an old school cell phone. The cost savings to be had by doing this is amazing. But, in the end, I opted to stay with my iPhone 4s.) Once the iPhone starts providing an embedded NFC chip, I might consider upgrading.

Here are the necessary steps to switch from AT&T to T-Mobile:

  1. Unlock your phone - You must submit a request to AT&T to unlock your phone. This can take a few days so make sure to allow for ample time. This is where I had trouble but because I was outside of any contract with AT&T and I was in good standing, the operator I dealt with was able to unlock my iPhone 4s instantly while I was on the phone with him.
  2. Unlock your account - Remove any password from your AT&T account so T-Mobile can take it over.
  3. Transfer your phone number - If you plan to keep your phone number, then just transfer it to T-Mobile.
  4. Purchase a T-Mobile SIM card - If you are utilizing the BYOD plan (Bring Your Own Device), then you need to purchase a SIM card from T-Mobile. The cost is only US$10 so no big deal.
  5. Sync your iPhone - Before making the SIM card change, make sure to sync your iPhone with iTunes so that everything is backed up.
  6. Swap the AT&T SIM card for the T-Mobile SIM card - Pop out the SIM card slot and swap the SIM cards.
  7. Re-sync your iPhone - After inserting the T-Mobile SIM card, a message popped up on the iPhone stating that the card was not activated. After re-syncing the iPhone via iTunes, this went away and I immediately received a welcome SMS message from T-Mobile.
  8. Set up your voicemail - The last thing to do is set up your voicemail and you should be good to go.
  9. Request to have visual voicemail enabled - For whatever reason, visual voicemail must be manually enabled by T-Mobile and you need to call in to request that this take place.
Now I'm on the T-Mobile network and I have no contract whatsoever. Furthermore, the plan I signed up for is only US$50/month with unlimited talk and text + 500mb of data. I can upgrade to unlimited data at any time for an additional US$20/month which I will probably do (and it provides tethering capability). I'm just curious to know if I will actually exceed 500mb of usage/month before I make that change.

I'm hopeful that this information will help others understand the steps to making this switch.

07 May 2013

On Eliminating Passwords

It seems to me that authentication in general needs to change. The requirement to remember a password for every online service you use has proven to be a daunting task not only for users but also for businesses that must store the credentials to authenticate those users. Considering the dramatic increase in data security breaches in recent years, it's no wonder that the competition amongst password management software continues to increase.

Personally, I use a password manager that supports all the devices I use (MacOS X, iOS and Android) and has the ability to sync across them. Not only does a password manager store your username/password pairs in a secure file, but it also has the ability to generate passwords with a high entropy to guard against a brute force attack. But even this is a game of chase. Just like in the world of anti-virus software, it's kind of a reactionary game. That is, only as new viruses are discovered can the signatures of those viruses be added to the anti-virus software. The same applies to passwords -- as the ability to crack stronger passwords only becomes easier, the requirements for passwords become more strict. At some point the whole idea of passwords will become a counterintuitive exercise. Many services also require the use of security questions for password recovery but this is also a losing game given that most of the security questions offered are largely the same across many unrelated services. It makes me wonder if eventually the use of a text based password is simply an invitation for a security breach (e.g., 'Oh this person is using a text-based password only, no problem we'll just crack it').

Beyond the cracking of passwords, consider how much companies spend to support usernames and passwords. Just the other day I was locked out of a system and had to actually call the help desk for assistance because there was no online password recovery offered. Now think about the fact that the help desk I contacted supports many thousands of users all over the world. In fact, my need for support with a password is such a common request that there is a category in the phone tree dedicated to password support. I hazard a guess that the investment to provide this support alone is probably fairly high.

To protect against simple password cracking we've seen the rise of multi-factor authentication (MFA) whereby a password plus some other out-of-band methods are used for authentication such as a text sent to your mobile device, a phone call to your phone number of choice, etc. Financial institutions typically provide this capability and even Amazon provides a MFA feature to secure an AWS environment. Many companies provide employees with a small two-factor authentication device -- I'm sure you've seen a SecureID token from RSA, a similar device from Symantec or smart cards from various companiesj, but even these have been breached and/or have been proven to be flawed. Furthermore, these solutions are aimed at the SMB and enterprise markets for distribution to employees, not at the general consumer market. And beyond that, I've even been locked out of a SecurID token before which required a phone call to a help desk!

Earlier this year, a new group named Fast IDentity Online Alliance (FIDO) launched to bring forth a new type of multi-factor authentication and new usage models. From the FIDO website's description of What Makes FIDO Different?:

The range of technologies supported by the FIDO protocol will include biometrics such as fingerprint scanners, voice and facial recognition, as well as existing authentication solutions such as Trusted Platform Modules (TPM), Near Field Communication (NFC), One Time Passwords (OTP) and many others.
To learn more about FIDO, check out the How FIDO Works page describing the protocol, here's an image about it:

The short story is that a three-way binding occurs between the user, the device and the vendor's back-end system and it requires all three need to be present to use the system. What is intriguing to me is that this protocol is aimed at end users/consumers -- people like you and me.

The first company to be considered FIDO certified is Nok Nok Labs in Palo Alto, CA. This company provides a commercial solution to implement the FIDO protocol and is currently testing it at about 15 companies. What's really needed is adoption of such a solution by popular online services and Nok Nok Labs is already testing it's solution with PayPal.

Not only would it be more comforting to know that my payments and my funds are secured by more than a username/password pair, but it would also be more convenient not to have to remember a password for every website I use. But until something like the FIDO protocol becomes ubiquitous, we must continue to live with what we've got today.