Andrew Que Sites list Photos
Projects Contact
Main
   Decided to play around a little more with BSD. While I have all the base BSD distros (Free, Net and DragonFly), none of them have a GUI. Rather then do work to put a GUI on one of the installed distros, I decided just to download some distros that include a GUI. So I've added PC-BSD and Incognito to my list of virtual machines. Unfortunately, neither distro works in VirtualBox due to video problems.
   Pictured is Heidi with 7.62x39 ammunition in her ear as an alternative for her gages, which she could not find.

3 comments have been made.

From Steve

Janesville, WI

June 30, 2009 at 7:35 PM

Yeah, I don\'t think Heidi was as amused by our game of \"Keep Away\" as we were. Hehehehe. I do think those rounds were a nice touch though. She should\'ve left \'em in, if she could.

From Heidi

Wisconsin, USA

July 01, 2009 at 12:19 AM

Couldn\'t find them?!? >:O

From ERica

August 07, 2009 at 6:20 PM

You go to my school!

June 27, 2009

Happy Birthday Echo

Echo

Echo

    For my history class I was looking for information about a person in the Revolutionary War era and found what I was looking for with Google Books.  Unfortunately, I closed the page before I finished my assignment and had to find it again.  Not sure exactly how I got to where I did, I simply started with a search in Google Books.  Seemed like a good place to start, since that is where I found the information.  After paging through a couple of search results, I started getting a message that said I had "reached my viewing limit".
    I block all cookies and scripts by default, so my guess was that if Google was monitoring my viewing, it had to be using my IP address.  Since I recognized the cover of the book I knew had my information, I decided to see if I could get around this "limit" using a proxy.  A quick search for open proxies and using the first US proxy listed (I didn't want Google in an other language ;), I tried my search again and went right to the book I was looking for.  Sure enough, I was able to browse and finish my assignment.
    This is the first time I've ever had to work around Google.  I'm not sure what they are trying to accomplish limiting how many book pages someone can look at, but I have a feeling it has something to do with copyright and a deal they made with publishers.  Otherwise, surely the Google guys could have seen through my petty attempt to circumvent their "limit" with a simple proxy.

1 comment has been made.

From Steve

Janesville

June 30, 2009 at 7:14 PM

I wish I would\'ve been able to join you guys up in Madison for Echo\'s b-day. Aiden sent me an invite, which I had to decline. If I hadn\'t had my cousin\'s graduation party to go to, I\'d have partied with you guys. Shit happens, I guess. hehehehe

June 25, 2009

Bad Site

I've never received this message from Google before, but it was warning me about a malicious website I was about to visit.  The search was for some Revolutionary War era person and the site I suspected was a family tree based on the information from Google. 

My first through when I saw these warnings was "hey, what does this malicious script look like?"  I block cookies and scripts by default, so it was probably pretty safe to go ahead and visit this site.  But I also have 16 different operating system installed and setup in VirtualBox, and it really wouldn't matter if one of them ended up with some malicious software.  Despite having homework to do, I decided to see what the scripts looked like.

I decided to try this experiment on my latest 64-bit Ubuntu VM, and just to see if my hypothesis about the script blocker was valid, I installed NoScript .  Then, it was off to this site.  Except Firefox hit me with this:

Seems both Firefox and Google really don't care for this site.  Firefox gave me a nice "Ignore this warning" link and so in I went.  No script threw up it's little "blocked script" tag like it does on most sites.  When I tried to view the source, Firefox hit me again with the warning again, but the link for "ignore this warning" didn't work.  This isn't the first time I've encountered this in Firefox. 

Since I don't have a SSL certificate from a recognized root authority, anytime someone goes to one of the SSL areas of drque.net they will get a message about an invalid certificate.  For the quite awhile, I was unable to use Firefox to get into the SSL areas of drque.net because the "add exception" button didn't do anything. 

Well, since Firefox wasn't going to help me, I would have to go more low-level: wget.   It didn't care in the least and I was soon looking through javascript.

Nothing that stood out right away.  Some code for Google ads, script to get the window size, and finally some script for an ad from "zedo.com".  I hadn't herd of these guys before and decided to look into them.  Web of Trust ranks them at 25% for "trustworthiness" and "vendor reliability."  This is my bad guy.

I downloaded their script and had a look at it.  The javascript was code to insert more javascript into the page.  Part of it was a shockwave object.  An other part loaded an other script.  The second script seems to just load an ad image.  Rather uneventful.

It is possible the bad guy is inside some shockwave element, but I didn't see any URL for a sockwave file.  Even if I did, I wouldn't be able to do much with it.  So, my hunt has been rather uneventful. 

Safe Browsing claims the root directory of this site had 21 script exploits and 1 Trojan.  It listed the malicious software included several Chinese domains, none of which I found in the scripts or HTML I looked at.  So, it's possible this page wasn't dangerous, but simply in with a group that were.  Fortunecity.com is one of those free web hosts that have been around since the late 90ies and the page I looked at seemed to be one designed around that time—very basic.  A lot of these old sites that sit on hosts like Fortunecity are susceptible to attack from script that try and guess passwords.  Once they are in, they can change the website and add their own script, which it probably what happened.  Unfortunately, nothing I saw was all that exciting.

Still, I really wanted to see if I could get something malicious from this site. For this, I needed the most insecure operating system and browser I could think of. Naturally, I picked an MS operating system and Internet Explorer. In VirtualBox, I saved a snapshot prior to this experiment, then fired up IE and went right to the site. No warnings this time and the page loaded up with ads, scripts and all. The only thing I saw happen was IE tell me it blocked a pop-up ad. How uneventful. I'm going to let this virtual machine run for awhile and see if anything bad happens. So far, it looks like a false-positive.

1 comment has been made.

From Pluvius

Madison, WI

June 27, 2009 at 3:30 PM

Wow... thought it was going to be exciting too; what a let down. Figures, hehe

June 24, 2009

#define vs const vs enum

Many people have written about the problems of using macros in C. In C++, constants and templates should pretty much eliminate the need to use macros. Unless you are seriously pressed for speed, there should be no reason to use macros in C++.

In straight C, the keyword "const" doesn't produce constants that can be used to initialize array sizes.

/* Will not work in ANSI C, but will work in C++ */
int const ARRAY_SIZE = 100;
int array[ ARRAY_SIZE ];

The most common way I've seen people deal with this is by using macros:

#define ARRAY_SIZE 100
int array[ ARRAY_SIZE ];

This always works, but it has a few problems. Lets make the statement a little more complex.

#define ARRAY_SIZE   100 + 10
int array[ ARRAY_SIZE * 2 ];

How big is the array going to be? If you said 220 elements, you would be wrong--the correct answer is 120. This is due to the nature of macros. They are pre-processor substitutions and are not evaluated. What really happens is the following code is generated:

int array[ 100 + 10 * 2 ];

Now remember your operator precedence--10*2 will happen before adding 100, so the size of the array is 100 + ( 10 * 2 ) = 120.

Most programmers know to use parenthesis around everything defined in a macro.

#define ARRAY_SIZE   ( 100 + 10 )
int array[ ARRAY_SIZE * 2 ];

This will produce the 220 elements desired. However, I learned a trick at my previous contract job that can avoid this whole scenario. Instead of using macro, use an entry from an enumeration. ANSI C says that a value in an enum is always treated as an constant int. enum values can be assigned to integer values and enums can be anonymous. So this syntax is valid:

enum { ARRAY_SIZE = 100 + 10 };
int array[ ARRAY_SIZE * 2 ];

Note we don't need to use parenthesis (although it wouldn't hurt) like we need to with a macro. enums are not pre-processor substitution and are evaluated at compile time. They are, in many respects, a C version of C++ const.

I use the anonymous enum constant instead of macros when ever I can. They always work for array sizes and work for most constants. However, there are some places they may not do the job. enums are always of type "int". If you need a floating-point constant, you'll be stuck with either a macro or a "const". And the int size can be different on different machines. This can really be an issue if you are making masks. For example:

enum { MASK = 0xFFFFFFFFL };

This will create problems on a 16-bit compiler where the int size is 2-bytes. For such cases, you can still use "const".

double const PI   = 3.14159265358979323846;
uint32 const MASK = 0xFFFFFFFF;

The drawback is that in standard C, const values are required to take up storage space. So in this example:

double const PI    = 3.14159265358979323846;
double const _2_PI = PI * 2;

Even if PI is never referenced in the source code again, it still has storage allocated. Where as:

#define PI    (3.14159265358979323846)
#define _2_PI (PI * 2)

Will never result in unused storage. In most cases, we're talking about a few bytes. If you are using a constant value for something other then array initialization, having storage allocated can actually produce smaller code. Rather then loading to a constant value every time the value is used, the code can load from a location in memory. Again, we're talking savings in the bytes. So unless you are an embedded programmer with a really tight ROM/RAM budget, it's hardly worth worrying about.

In C++, the rules for const change. Storage for a "const" object isn't necessarily allocated. So in our previous example with PI and _2_PI, the compiler is free to discard PI if it isn't used anywhere else. In addition, const values can be used to initialize arrays.

// Valid C++ syntax
int const ARRAY_SIZE = 100;
int array[ ARRAY_SIZE ];

The compiler is free to discard storage for ARRAY_SIZE. In most cases, C++ const will do anything we had to do with enum values. And in most cases, the value will be used directly rather then loading from a memory location--although this may depend on your compiler.

uint32 const MASK    = 0xAAAA5555;
int const ARRAY_SIZE = 0x100000;
int array[ ARRAY_SIZE ];

// ...

for ( int index = 0; index < SOME_VALUE; ++index )
{
  array[ index ] &= MASK;
}

The above loop might need to happen in some time-critical location. Assuming the compiler has no optimization, it would be preferable that MASK were evaluated as an intermediate and not stored at some memory location. Otherwise time is wasted loading the value from the memory location. However, even the most basic optimization will take care of this problem.

June 23, 2009

Funny Math

I was watching the movie Van Wilder and during one part they start a tutoring business. The first display of this tutoring taking place, one guy, concentrating hard, says “x... equals... six”. The geek in me wondered what the equation was the guy was solving. It is only display for about a quarter of a second, but I freeze framed it and had a look. Here's the frame:





It is written a little messy, but this appears to be the equation.

First of all, it's wrong. The integral actually comes out out be

For fun, let's assume this is a question, not a incorrectly solved integral. When would the two sides of the equation be equal? For this case, we have to drop the “C” constant. Solve for the integral and we get this:

Even for this, there is no answer. Has a vertical asymptote at x = 1. , and is undefined for all x > 1

has a vertical asymptote at x = 1 as well, but in the other direction: . Thus, there is no value for x in which the two equation meet. So as for x = 6? It just doesn't happen with the equation given. Yep—I really did just check the math of a comedy.

2 comments have been made.

From Heidi

Wisconsin, USA

July 01, 2009 at 12:20 AM

This is why you amaze me.

From ERica

August 07, 2009 at 6:23 PM

Who the hell writes his 1\'s like I\'s? And maybe it was actually trying to say 3ln(blahblahblah)?

June 22, 2009

Losing faith in my bank

   So I noticed some charge to my checking account labeled "wellness extra" for $9.95.  I recall seeing this once before and decided to try and find out who they were.  Seeing a charge like this once wouldn't surprise me—maybe it was some store I bought something at and their name looked different on my statement.  But seeing it twice made me wonder.  So I looked back on other statements and sure enough, it was a regular monthly charge.
   My first idea was to Google this company, but that didn't bring me any closer to an idea of why I was being charged by them.  Since my bank statement is a little vague, I gave the bank to see if they had any information.  They provided me with a phone number for the company and I gave this company a call.  Sure enough, they confirmed I was enrolled in some program they offered—through my bank.  Turns out my bank sent out checks and if you cashed the check, you were enrolled in this program.  They sent the checks out in 2005.  Yeah, I never noticed.  And I recall nothing about getting said check.  
   There's a good chance I did cash this check.  I get something from my bank—like a check—I assume they were doing business as usual and had a reason for giving me money.  Reimbursement for an overcharge, credit for long-term customer, whatever.  So I mindlessly cashed it—no doubt with a load of other checks as I tend to let them accumulate.  Can't be sure—I don't remember anything about it.  That apparently was my mistake.
   And what about this "Wellness Extras"?  Not a word from them.  Not a single letter, statement or any other sign at all they were billing me except for what appeared on my bank statement.  For four years!  And what do they offer?  Who knows, I never got anything from them!  A sham?  What the heck else could they be?!
   So here is the deal: A company I trust with tens of thousands of dolors of my money makes a deal to send a mailing, in their name, to their customers for a shady underhanded tactics company.  And their excuse is "well if you read the (bla bla bla)."  Nope—I don't buy it.  Sure, I am at fault for falling for a scam.  But only because I wasn't except the scam to come from what I thought was a reputable place.  Blackhawk State bank has damaged their reputation with me—perhaps beyond repair.  The hard lesson learned: never let your guard down when dealing with corporations.  Clearly, they are never too respectable to take part in underhanded sales tricks.

1 comment has been made.

From ERica

August 07, 2009 at 6:25 PM

That\'s whack.
   The other night there was a thunderstorm just to the north.  From inside the house, I was unable to see any lightning directly, but the clouds were fairly lite.  I took several long exposures, some of which were kind of interesting.  The red in the sky is the reflection of city lights against the clouds, and the blue from the lightning.