Welcome to Deadbeef.com
Articles and tips on software, authored by Jeremy Bettis.

Archives for: 2006

12/27/06

Permalink 10:30:37 am, by Jeremy Email , 283 words, 3886 views   English (US)
Categories: Windows

Does anyone use winamp for listening to podcasts?

Winamp has two bundled plugins that look like they would be really great if they actually worked.

Shoutcast wire: This plugin allows you to subscribe to podcasts. The subscribe part works, but then it falls apart.

  • You cannot change the title of a podcast, it uses the title in the feed which leads to...
  • You cannot have two feeds with the same title. Therefore if you have two sites which titled their feeds as "Podcast", you can only subscribe to one of them.
  • It doesn't actually download anything automatically. You have to go in and select each item for download manually.
  • The files that it downloads don't go onto a playlist or something for you to queue.

Portable Music Player: This supports sync and fill of portable music devices. The "Send to *device*" menu item works great.

  • I can't quite figure out what the difference is between Playlist Sync, Library Sync, and Autofill.
  • Playlist Sync cannot sync to smart playlists, only static ones.
  • None of the sync or fill options can pull from the "now playing" playlist, or from the podcast downloads.

It shouldn't be so hard. All I want is something that will download podcasts, and let me listen to them on the computer or the portable device. What I do is subscribe to the feeds in Google Reader and save the mp3 files to the desktop, then I enqueue them in Winamp and listen to them. Before I go home at the end of the day, I select all remaining files in the playlist and right-click to "Send to portable". After it has transferred them to the mp3 player, I delete them from the desktop. Seems like it should be easier.

11/22/06

Permalink 01:59:21 pm, by Jeremy Email , 209 words, 3231 views   English (US)
Categories: General

Logic is hard

There was a puzzle given on the Skeptics Guide podcast on 9/13/2006 and the solution they gave the next week bothered me. (They said it was ambiguous depending on how the question was phrased).

I was googling around looking for other references to this problem and found these two:

Marilyn Ignores the Obvious Regarding Probability of Boys by Herb Weiner


Eldon Moritz rebuttal to Marilyn vos Savant

After reading Eldon's page, I realized how to rephrase the question to show the right process. Everyone is focusing on the 4 possibilities of children so let's set up the problem that way.

There are 4 women and 4 children walking through the park. The first woman (BB) has a boy with her and a boy at home, the second woman (BG) has a boy with her and a girl at home, the third (GB) has a girl with her and a boy at home, and the fourth (GG) has a girl with her and a girl at home. A man walks up to one of the women at random and sees that there is a boy with her, and asks her how many children she has. She replies that she has 2 children. What is the probability that she has 2 boys?

Clearly, the probability is 1/2 or 50%.

Permalink 01:03:34 pm, by Jeremy Email , 19 words, 1972 views   English (US)
Categories: General

More logic puzzles

Here is a long list of logic puzzles (no solutions posted yet). See how many you can figure out.

11/15/06

Permalink 10:12:27 am, by Jeremy Email , 505 words, 141651 views   English (US)
Categories: Money

Blank budget template as Excel spreadsheet

My wife and I are currently facilitators in Dave Ramsey's Financial Peace class and several people have asked me how I made my nice one page budget form. It is a Microsoft Excel file, and has everything squeezed in a very small space.

Here is a blank version of my Budget Template.
See also the bi-weekly budget form.

Update 11/15: I was asked for instructions on how to use this spreadsheet.

It is very much like the paper budget forms. Column B is the category, and column C is how much you have budgeted for that month. Column D is how much you have spent so far this month, so at the beginning of the month these will be all zero. Now column D is all formulas, since I didn't want to do math every time I wrote a check. So if you look at the second sheet "Actuals" you see a similar chart showing the same first 3 columns. Starting in column D, you can just enter one check per cell. So for example if you have spent $5, $20, and $15 on food, go to the food line and put 5 in column D, 20 in E and 15 in F etc. The total will automatically show up on the "Budget" sheet in column D.

Column E is simply a formula letting you know how much is left in that "envelope" for that category: i.e. Budgeted(C) - Actual(D).

The balances at the bottom are just for checking your math: Balance C should always be zero if your budget is balanced. Balance D should be exactly the same as the balance in your checkbook. Balance E should be the same as Balance D but reversed. If it is not, then there is a broken formula in the spreadsheet somewhere.

The tables on the right side:
The allocated savings register is for you to record all of your savings goals. There is a formula for percent there, but that is all.

The next table is the debt snowball table. The first column is the name of the debt, then the original amount, which is not really needed except that when you call in to scream "I'm debt free", Dave will ask you how much debt you paid off, and if you didn't write it down you won't know. The next column is the current principal balance on that debt, and then you have a nice little percent.

The Upcoming table is a list of infrequent bills that I always forget about. I don't think that Dave has a form for this, but I needed it so that I remember to save up for big annual bills like car registration or quarterly insurance payments.

The next section, in the black box, is what I call the motivating statement. It is what encourages me to keep going: when I can look at the budget taped to the side of the fridge and see in huge letters "We saved $3,963 and paid off $16,883 in debt", it keeps me focused on the goal.

11/11/06

Permalink 02:43:04 pm, by Jeremy Email , 32 words, 1075 views   English (US)
Categories: Money

Mind the Gap

This article by Paul Graham is an excellent argument that the gap between the poor and the rich is not something to be feared, but rather a sign of a healthy country.

11/06/06

Permalink 10:55:43 am, by Jeremy Email , 79 words, 958 views   English (US)
Categories: Windows

Mozy online backup

I have been using this online backup service at mozy.com. It actually works really well, doesn't get in the way, and you can restore files from the web.

If you use this link, then I get an extra 512MB quota also. (he he)

The system is free, and you start with 1GB. Paid subscriptions are available if you need more space. The client tool that does the backups is available for Windows only (as far as I know).

10/08/06

Permalink 01:52:42 pm, by Jeremy Email , 68 words, 752 views   English (US)
Categories: General

Knocking the exuberance out of employees

"Knocking the exuberance out of employees" is a great little post over at Kathy Sierra's blog. I think I am probably one of those dangerous independent thinkers who gets into trouble for not going along with the party line. And I fear that the company I started with 12.5 years ago, which was very much more interested in creative thinkers, is becoming more and more of a robot factory.

09/25/06

Permalink 01:21:57 pm, by Jeremy Email , 16 words, 4403 views   English (US)
Categories: Anti-Spam

Cox.net is evil

Cox has decided to block all of my emails:

... while talking to mx1.west.cox.net.:
<<< 554 fed1rmimpi01.cox.net IMP 67.15.199.41 is locally blacklisted

Lovely. And of course there is no way to get this block removed it would appear. Cox.net support told me to email unblock.request@cox.net. Of course I CAN'T, since that email box doesn't exist.

I have blocked *.cox.net in my blacklist: bl.deadbeef.com, perhaps that will help get their attention.

Update 9/25/06 20:57: Something changed, now emails are working again. From my conversation with Tier 2 support, they claim the correct resolution is to email thisisnotspam@cox.net and abuse@cox.net requesting to be removed from the blacklist. The support department also seems to be unaware of the blacklist and wants to blame your mail server.

09/13/06

Permalink 08:35:08 am, by Jeremy Email , 86 words, 1462 views   English (US)
Categories: General

Google joins in ALA's greatest lie

Google is joining up with the American Library Association to celebrate Banned Books Week.

There is only one problem. IT'S ALL A BIG LIE. You see, none of these books have actually been banned. They include books on their "banned" books list if even one person asked a book to be removed from one library or school. Since there are always crazy people in every community, this means that almost every book you can think of has been requested to be removed from some library someplace.

09/11/06

Permalink 10:28:34 am, by Jeremy Email , 40 words, 1068 views   English (US)
Categories: Personal

My trip to climb Long's Peak

I recently went to Colorado to climb Long's Peak. It was the most painful thing I have ever done. Perhaps next time I'll start with something smaller, perhaps a small hill.

Photos here: http://www.flickr.com/groups/manalive2006/pool/

08/15/06

Permalink 09:54:08 am, by Jeremy Email , 24 words, 1823 views   English (US)
Categories: General

More blog search engine tips

This article is an excellent set of short tips along with sample code for how to improve the search engine ranking of your blog.

08/08/06

Permalink 09:48:30 am, by Jeremy Email , 52 words, 24341 views   English (US)
Categories: Windows

Reset Windows XP product key

Here is a handy tool to reset your product code on Windows XP, just in case you used a bootleg on your install and now you want to get legal (and stop that Windows Genuine Advantage), but you don't want to do a full reinstall.

http://www.intelliadmin.com/blog/2006/04/updating-windows-xp-product-key.html

08/07/06

Permalink 03:42:04 pm, by Jeremy Email , 239 words, 1427 views   English (US)
Categories: Personal, Money

I hate cars

I hate cars. Don't get me wrong, I really like the freedom and mobility of having an automobile. I also am not one of those green types that thinks that cars are evil because they cause smog. I hate cars because I have a huge amount of money invested into something that I don't understand, and everyone is trying to take advantage of me at every turn.

Today I just had $270 of preventive maintenance done on my minivan. Afterwards it occurred to me to look in the owner's manual and check if the dealer recommended service was the same as the manufacturer recommended service for that mileage level. It wasn't. Too bad I didn't think to check the manual before I took it in; I might have saved myself some money. It turns out that Dodge recommends a transmission flush at 60,000 miles, and the local dealer says 24,000. A big difference.

And really I don't believe either one of them. The dealer is seeking to maximize their service revenue, and the manufacturer is looking to cover themselves from a lawsuit or something.

Where is the independent research? Do cars even need oil changes? How often? How much does it help? I'd like to see the chart, where mean time to failure was plotted against frequency of oil changes. Perhaps it would be a better trade-off to only do oil changes every 12 months instead of every 3.

This is why I hate cars.

07/31/06

Permalink 03:58:08 pm, by Jeremy Email , 60 words, 683 views   English (US)
Categories: Personal

My LinkedIn Page

I have a profile up at LinkedIn. I am not sure if this is a good idea or not, but here it is.

There is one nice feature, where you can upload your contacts and it will tell you which people are already in LinkedIn, so that you don't have to spam all of your friends for no reason.

07/28/06

Permalink 08:46:50 pm, by Jeremy Email , 69 words, 1580 views   English (US)
Categories: Anti-Spam

Pronet SEO tips

The linked article is a really good list of tips on how to improve your search engine rankings.

I have implemented two of their simpler suggestions, changing the page titles to "Post title - Deadbeef.com" instead of the silly "Deadbeef.com - Post Detail: Post title". I also put in a 301 redirect for deadbeef.com to www.deadbeef.com.

We'll have to see if it makes any difference.

Permalink 07:05:13 pm, by Jeremy Email , 61 words, 1029 views   English (US)
Categories: Personal

The West Dodge Road expressway actually works!

I came home today on the new West Dodge Road Expressway here in Omaha, and it only took 11 minutes. This was at the peak of rush hour too. Normally this would take me over 20 minutes.

Other than being a big federal earmark ($80 million), it is turning out nice. It opened early, and has an immediate and positive impact on the traffic.

Permalink 03:54:08 pm, by Jeremy Email , 71 words, 694 views   English (US)
Categories: General, Personal

Microsoft gets into the medical record business

The linked article is of note because both of the hospitals noted in the article are also using my software!

I wonder if any of the 42 people that used to work at Washington Hospital Center and now work for Microsoft have heard of my employer?

I had not heard of their product Azyxxi before this, but I would not be surprised if we are already sharing data with them via HL-7 messaging.

Permalink 01:39:00 pm, by Jeremy Email , 297 words, 3463 views   English (US)
Categories: Windows, .NET

Redirecting the output of a program to a file in .NET framework

It doesn't seem like this should be so hard, but it is. The Win32 CreateProcess API call has two nifty ways to do this.
1) Inherit handles from the parent process. So open the log file as your own stdout and stderr, then launch the child process.
2) Specify the stdout and stderr handles explicitly to the CreateProcess call.

Now, we all know that in .NET using Win32 API calls is naughty, so let's try using System.Diagnostics.Process.Start() instead. It has very convenient methods for capturing the output, but no way to set the handles to a file. Rats.

So all we have left is a hack. Launch cmd.exe and have it redirect the output as described here: http://weblogs.asp.net/israelio/archive/2004/08/31/223447.aspx

Code:

Process.Start("cmd.exe", "/c foo.exe -arg >" + dumpDir + "\\foo_arg.txt");

icky :( Oh and wait, the process exits immediately, and the Process.ExitCode is always 1. Arg!

Ok, so we need another hack. How about instead of starting cmd.exe we just run a bat file.

Code:

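// Requires: using System.IO; using System.Diagnostics;
// Write a throwaway batch file that performs the redirection.
StreamWriter bat = File.CreateText("foo.bat");
bat.WriteLine("@echo off");
bat.WriteLine("foo.exe -arg >" + dumpDir + "\\foo_arg.txt");
bat.Close();
// Run the batch file directly (no shell) and wait for it to finish.
Process task = new Process();
task.StartInfo.UseShellExecute = false;
task.StartInfo.FileName = "foo.bat";
task.StartInfo.Arguments = "";
task.Start();
task.WaitForExit();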

Truly horrific, but it has the advantage of working! Of course this is subject to a race condition where foo.bat could be replaced with another file by a malicious process, and its evil commands would be executed within our user context. I don't know how to fix that. Perhaps generate a random path name, create a directory, change the ACLs to prevent anyone from creating files in there, create the batch file in the directory, and then run it. Maybe.

Permalink 09:59:43 am, by Jeremy Email , 59 words, 548 views   English (US)
Categories: Personal

My wife has a blog now

My lovely wife Amy has set up her own blog along with a few of her friends at http://www.teachingwithjoy.com. It will cover her favorite topics which are homeschooling & teaching in general. Right now she has her list of book recommendations up, but expect to see some nifty lesson plans and activities in the near future.

07/27/06

Permalink 09:52:59 pm, by Jeremy Email , 117 words, 4682 views   English (US)
Categories: Anti-Spam, B2Evolution

Automatically remove invalid b2evolution users

If your web site is anything like mine, you have spammers registering as users in the hope that they will have their spammy comments show up.

Here is how you can get b2evolution 1.8 to automatically delete the users if they have not validated their email address within 7 days.

First, copy this file to .../blogs/inc/CONTROL/cron/

Then edit .../blogs/inc/CONTROL/cron/crontab.php and add in these records:

$cron_job_names:

'delete_users' => T_('Delete invalid users'),

$cron_job_params:

'delete_users' => array(
'ctrl' => 'cron/_delete_users.job.php',
'params' => NULL ),

Then go to the Scheduler page in the backoffice, and add a new job.

Now all your fake spam users will get autodeleted!

07/26/06

Permalink 03:40:51 pm, by Jeremy Email , 106 words, 1610 views   English (US)
Categories: General

"As per" is evil and should die

I was reminded again today about how much I dislike the phrase "as per". It is completely useless and unnecessary! I find that every usage could be expressed using either "as" or "per" or by leaving out the two words altogether.

I have tried to find some references on the web, as to the correctness of this idiom, but I have not had much luck. Please leave a comment if you know of a definitive source for the evilness of this phrase.

It's Evil:
Garbl's Style Manual (Who is Garbl? I have no idea)
HR Soapbox

Noncommittal:
Dr Grammer

It's good:
52,000,000 web pages can't be wrong?

07/18/06

Permalink 01:35:31 pm, by Jeremy Email , 23 words, 794 views   English (US)
Categories: Security

Fake ID's Save Lives in Iraq

I saw this article linked from Bruce Schneier's Blog. I always prickle at having to show my ID so this caught my attention.

07/17/06

Permalink 07:55:46 pm, by Jeremy Email , 236 words, 1198 views   English (US)
Categories: B2Evolution

B2Evolution 1.8 released

The new version of b2evolution is out for download and I have moved over my blog.

Changes I had to make:

  • The skin changed a little bit, so I had to tweak a few things.
  • I don't like the permalink icons on the linkblog, so I added this code to .../skins/_linkblog.php

    40: if(!isset($linkblog_show_permlink)) $linkblog_show_permlink = 1;
    77: if ($linkblog_show_permlink)
    78:                         $Item->permanent_link( '#icon#' );
    
  • I don't like the 2006/10/01/title style permalinks, so I changed the code in .../inc/MODEL/items/_item.class.php

    531: $permalink = url_add_tail( $blogurl, $urltail );
    

    and in inc/_blog_main.inc.php starting at line 305:

    else
    {       // We did not get a number/year...
        if( isset( $path_elements[$i] ) && (!empty( $path_elements[$i] )) )
        { // We'll consider this to be a ref to a post
          // We are accessing a post by permalink
          // Set a lot of defaults as if we had received a complex URL:
          $m = '';
          $more = 1; // Display the extended entries' text
          $c = 1;    // Display comments
          $tb = 1;   // Display trackbacks
          $pb = 1;   // Display pingbacks
    
          if( preg_match( "#^p([0-9]+)$#", $path_elements[$i], $req_post ) )
          { // The last param is of the form p000
            // echo 'post number';
            $p = $req_post[1];              // Post to display
          }
          else
          { // Last param is a string, we'll consider this to be a post urltitle
            $title = $path_elements[$i];
            // echo 'post title : ', $title;
          }
        }
        else
          $path_error = 404;
    
  • I changed my TOC plugin to work in either 1.6 or 1.8

Permalink 01:55:20 pm, by Jeremy Email , 153 words, 7710 views   English (US)
Categories: B2Evolution

B2Evolution: Table of Contents plugin

Here is a plugin for B2Evolution 1.6 that renders the special tag <!--toc--> as a table of contents.

This way you can create a menu post that displays posts from a certain category. This is handy, if you use b2evolution as a content system for a traditional web site, not just as a blog.

Here is a sample use. For the top 5 posts in the B2evolution category, and the first 10 words from each post, showing dates; use: <!--toc dates="true" num="5" cut="10" category="29"-->

The blog's or the skin's css file can be used to customize the display of the table of contents.

Download the file and save it in your b2evolution plugins directory.

Update 1/30/2006: Download link fixed
Update 3/20/2006: The num option was being ignored, it is working now.
Update 7/17/2006: This plugin will work in B2Evolution 1.6 or 1.8.
Update 7/26/2006: Fixed some PHP warnings in the 1.8 code.

05/10/06

Permalink 09:41:39 pm, by Jeremy Email , 65 words, 558 views   English (US)
Categories: General

It's not about the big idea

I have been thinking about a big idea for something to go and do to make myself either rich, famous, or both. But it is a hopeless task, I'm just not full of brilliant ideas!

Paul Graham has some essays on this topic. Ideas for Startups and How to Start a Startup.

I have taken this idea to heart and started some simple boring projects.

02/21/06

Permalink 03:33:51 pm, by Jeremy Email , 202 words, 5289 views   English (US)
Categories: Subversion

Subversion branch process

Maintaining a branch in subversion is harder than it should be. I have written a little helper script to make it easier to maintain a branch.

The problem is that you need to keep your branch up to date with trunk so that you can commit back to trunk someday.

Here is my process:

Create the branch:
svn cp http://server/repo/trunk/foo http://server/repo/branches/foo-branch -m "Create new branch"

Checkout the branch to a working copy:
svn co http://server/repo/branches/foo-branch

Create some properties to keep your place:
svn propset trunk_url http://server/repo/trunk/foo foo-branch
svn propset synced_rev 1234 foo-branch
(where 1234 is the revision the branch was copied from. Find it using svn log -v --stop-on-copy foo-branch)

To get new changes from trunk applied to the branch, just run this script:

#!/bin/sh

set -e -x

trunk_url="`svn propget trunk_url`"
new_rev=`svn info "$trunk_url" | awk '/^Last Changed Rev:/ {print $4}'`
old_rev=`svn propget synced_rev`
if [ "$new_rev" != "$old_rev" ] ; then
        svn log -r $old_rev:$new_rev "$trunk_url" >>MERGE_LOG.txt
        svn merge -r $old_rev:$new_rev "$trunk_url" .
        svn propset synced_rev $new_rev .
fi

02/19/06

Permalink 10:39:55 pm, by Jeremy Email , 58 words, 1558 views   English (US)
Categories: Unix, Security

SSHDFilter

SSH dictionary attacks are a big problem. I posted earlier a script that will scan the logs and block IP addresses that attempt many logins. (ssh_complain)

However, SSHDFilter is a script that watches the logs live and immediately blocks IP addresses as soon as they attempt one illegal username or too many failed passwords on legal users.

01/23/06

Permalink 03:33:04 pm, by Jeremy Email , 674 words, 12657 views   English (US)
Categories: Unix, Security

Auto-blocking and emailing hosts that attack via ssh or ftp

I have written a script, which is intended to be run from cron every few minutes, which will block hosts that try dictionary attacks on your unix server. You will need to tweak this for your own use.

The script sends an email to the network administrator, then adds the ip address to /etc/hosts.deny.

It works for me, but your mileage may vary. Uses: mutt, ntpstat and the whois service at whois.deadbeef.com

This is three scripts.

auto_send_ssh_complaints: Scans log files for attacks, and invokes the proper script to send the email.

#!/bin/sh

# Fill in your own whitelisted hosts here
whitelist="127.0.0.1 1.2.3.4 `host home.example.com | sed -e 's/[^0-9]*//'`"

sed -e '/sshd\[[0-9]*\]: Failed password/!d' \
        -e 's/.*Failed password for.*from //' \
        -e 's/ port.*//' /var/log/secure | sort | uniq -c | \
while read info
do
set -- $info
count=$1
host=$2
whitelisted=0

host=`echo $host | sed -e 's/::ffff://'`

number_of_usernames=`sed -e '/sshd\[[0-9]*\]: Failed password.*from '$host'/!d' -e 's/.*Failed password for //' -e 's/ from .*//' /var/log/secure  | sort -u | wc -l`

for white in $whitelist ; do
        if [ "$white" = "$host" ] ; then
                whitelisted=1
        fi
done

if [ "$whitelisted" = "1" ] ; then
        echo "$count attempts from WHITELISTED $host"
# -x -F: compare the whole line literally, so 1.2.3.4 does not match an entry for 1.2.3.40
elif grep -qxF "ALL:$host" /etc/hosts.deny ; then
        : #echo "$host is blacklisted"
else
        #echo "$count attempts from $host"
        #host $host
        if [ "$count" -gt "14" -o "$number_of_usernames" -gt "4" ] ; then
                /root/bin/ssh_complain $host
        else
        :       #echo "WARNING: $host is not blacklisted"
        fi
fi
done

sed -e '/vsftpd(pam_unix)\[[0-9]*\]: authentication failure/!d' \
        -e 's/.*rhost=.*from //' \
        -e 's/ user=.*//' /var/log/messages | sort | uniq -c | \
while read info
do
set -- $info
count=$1
host=$2
whitelisted=0

for white in $whitelist ; do
        if [ "$white" = "$host" ] ; then
                whitelisted=1
        fi
done

if [ "$whitelisted" = "1" ] ; then
        echo "$count attempts from WHITELISTED $host"
# -x -F: compare the whole line literally, so 1.2.3.4 does not match an entry for 1.2.3.40
elif grep -qxF "ALL:$host" /etc/hosts.deny ; then
        : #echo "$host is blacklisted"
else
        #echo "$count attempts from $host"
        #host $host
        if [ "$count" -gt "25" ] ; then
                /root/bin/ftp_complain $host
        else
        :       #echo "WARNING: $host is not blacklisted"
        fi
fi
done

ftp_complain: Sends email about ftp attacks.

#!/bin/sh

while [ "$1" != "" ] ; do
        ipaddr=$1
        shift

        echo "Sending FTP complaint on $ipaddr"

        echo "Getting email addresses"
        emails="`whois "$ipaddr@whois.deadbeef.com" | awk '/^[^\[]/ {print $1}'`"

        echo "Getting logs"
        fgrep "$ipaddr" /var/log/secure* /var/log/messages* >$ipaddr.txt

        echo "Getting count"
        count=`grep 'vsftpd.*authentication failure.*rhost='"$ipaddr" /var/log/messages* | wc -l | sed 's/ *//'`
        echo "Count=$count"

        if [ "$emails" = "" ]  ; then
                echo "No email addresses"
        else
                echo "Sending email"
                cat <<EOF | mutt -a $ipaddr.txt -s "Excessive FTP attempts from $ipaddr" $emails root@example.com
My host server.example.com (1.2.3.4) has received roughly $count
attempts to login via the FTP protocol from your host at $ipaddr.  I have
attached the relevant portions of my logfiles.  All times are in CST/CDT.

`ntpstat`

Thank you for your understanding.
admin@example.com
EOF
        fi

        if grep "^ALL:$ipaddr\$" /etc/hosts.deny ; then
                echo "Already in blocked list"
        else
                echo "Adding $ipaddr to blocked list"
                echo "ALL:$ipaddr" >>/etc/hosts.deny
        fi
done

ssh_complain: Sends email about ssh attacks

#!/bin/sh

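# Work in a private directory: a fixed file name in /tmp, written as root,
# can be pre-created or symlinked by another local user.
workdir=`mktemp -d` || exit 1
trap 'rm -rf "$workdir"' EXIT
cd "$workdir" || exit 1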

while [ "$1" != "" ] ; do
        ipaddr=$1
        shift

        echo "Sending SSH complaint on $ipaddr"

        echo "Getting email addresses"
        emails="`whois "$ipaddr@whois.deadbeef.com" | awk '/^[^\[]/ {print $1}'`"

        echo "Getting logs"
        fgrep "$ipaddr" /var/log/secure* /var/log/messages* >$ipaddr.txt

        echo "Getting count"
        count=`grep 'Failed password for.*from '"$ipaddr"'.*ssh2' /var/log/secure* | wc -l | sed 's/ *//'`
        echo "Count=$count"

        if [ "$emails" = "" ]  ; then
                echo "No email addresses"
        else
                echo "Sending email"
                cat <<EOF | mutt -a $ipaddr.txt -s "Excessive SSH attempts from $ipaddr" $emails root@sageconspiracy.com
My host server.example.com (1.2.3.4) has received roughly $count
attempts to login via the SSH protocol from your host at $ipaddr.  I have
attached the relevant portions of my logfiles.  All times are in CST/CDT.

`ntpstat`

Thank you for your understanding.
admin@example.com
EOF
        fi

        if grep "^ALL:$ipaddr\$" /etc/hosts.deny ; then
                echo "Already in blocked list"
        else
                echo "Adding $ipaddr to blocked list"
                echo "ALL:$ipaddr" >>/etc/hosts.deny
        fi
done
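
A single-pass version of the log scan in auto_send_ssh_complaints, as an added example that is not part of the original scripts: it applies the same two thresholds (more than 14 failures, or more than 4 distinct user names, per host), reads the source address by position from the end of each line, and checks the block list with a whole-line literal match. The function names, the sample log lines and the thresholds used in the demo are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the original post. All log lines are constructed.

# ssh_offenders LOGFILE [MAX_ATTEMPTS] [MAX_USERS] [WHITELIST]
# Prints "host attempts usernames" for each host over either threshold.
ssh_offenders() {
    awk -v max_attempts="${2:-14}" -v max_users="${3:-4}" \
        -v whitelist="${4:-127.0.0.1}" '
    BEGIN {
        n = split(whitelist, w, " ")
        for (i = 1; i <= n; i++) white[w[i]] = 1
    }
    # Layout: Mon DD HH:MM:SS host sshd[pid]: Failed password for USER from ADDR port N ssh2
    $5 ~ /^sshd\[[0-9]+\]:$/ && $6 == "Failed" && $7 == "password" && $8 == "for" {
        # USER is free text chosen by the client, so the address is taken
        # by position from the END of the line, not by searching for "from".
        if (NF < 14 || $NF != "ssh2" || $(NF-2) != "port" || $(NF-4) != "from") next
        host = $(NF-3)
        sub(/^::ffff:/, "", host)            # IPv4-mapped form, as in the original script
        if (host !~ /^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$/) next   # dotted quad only
        if (host in white) next
        user = ""
        for (i = 9; i <= NF - 5; i++) user = user (i > 9 ? " " : "") $i
        attempts[host]++
        if (!((host, user) in seen)) { seen[host, user] = 1; users[host]++ }
    }
    END {
        for (h in attempts)
            if (attempts[h] > max_attempts + 0 || users[h] > max_users + 0)
                print h, attempts[h], users[h]
    }' "$1" | sort
}

# is_blocked HOST DENYFILE: true only if the exact line "ALL:HOST" is present.
is_blocked() {
    grep -qxF "ALL:$1" "$2"
}

# Constructed sample in the format of /var/log/secure.
sample_log() {
    cat <<'EOF'
Jan 23 03:12:01 server sshd[4101]: Failed password for root from 203.0.113.7 port 40122 ssh2
Jan 23 03:12:03 server sshd[4102]: Failed password for root from 203.0.113.7 port 40123 ssh2
Jan 23 03:12:05 server sshd[4103]: Failed password for root from 203.0.113.7 port 40124 ssh2
Jan 23 03:12:07 server sshd[4104]: Failed password for root from 203.0.113.7 port 40125 ssh2
Jan 23 03:13:10 server sshd[4110]: Failed password for illegal user admin from ::ffff:198.51.100.9 port 51000 ssh2
Jan 23 03:13:12 server sshd[4111]: Failed password for illegal user test from ::ffff:198.51.100.9 port 51001 ssh2
Jan 23 03:13:14 server sshd[4112]: Failed password for illegal user guest from ::ffff:198.51.100.9 port 51002 ssh2
Jan 23 03:14:00 server sshd[4120]: Failed password for bob from 192.0.2.77 port 51003 ssh2
Jan 23 03:15:00 server sshd[4130]: Failed password for jeremy from 192.0.2.10 port 60000 ssh2
Jan 23 03:15:30 server sshd[4131]: Accepted password for jeremy from 192.0.2.10 port 60001 ssh2
EOF
}

# Demo with low thresholds (3 attempts, 2 user names) so the small sample trips both rules.
log=$(mktemp) && sample_log >"$log"
ssh_offenders "$log" 3 2 "127.0.0.1 192.0.2.10"
rm -f "$log"
```

Each output line can be passed to ssh_complain after an is_blocked check against /etc/hosts.deny.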

01/21/06

Permalink 01:30:00 pm, by Jeremy Email , 228 words, 12810 views   English (US)
Categories: Apache, B2Evolution

Installing b2evolution in a virtual domain environment

Steps to install b2evolution for all domains on your server.

  1. Download b2evolution 1.6

  2. Install the package to a common location like /var/www/b2evolution

  3. Create an alias that maps the virtual dir _blogs to that folder, i.e. create a file /etc/httpd/conf.d/b2evolution.conf with these lines in it:

    Alias /_blogs /var/www/b2evolution/blogs
    <Directory /var/www/b2evolution/blogs>
    <Files _*.php>
    Deny from all
    </Files>
    </Directory>

  4. Reload apache: service httpd reload

  5. Put this code in /var/www/b2evolution/blogs/conf/_config_TEST.php

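    <?php
    // Derive the base URL from the current request, so one config file serves every virtual domain.
    // $_SERVER['HTTPS'] is unset on plain HTTP under Apache (and "off" on some servers).
    $https = !empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off';
    $baseurl = $https ? "https" : "http";
    $baseurl .= "://" . $_SERVER['HTTP_HOST'];
    // Append the port only when it is not the default for the scheme.
    if (($_SERVER['SERVER_PORT'] != 80 && !$https) || ($_SERVER['SERVER_PORT'] != 443 && $https))
        $baseurl .= ":" . $_SERVER['SERVER_PORT'];
    $baseurl .= "/_blogs/";
    ?>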

  6. Create a new blog, and set the Blog Folder URL to "Absolute URL", and your domain, i.e. http://www.example.com/

  7. You can use "Automatic detection by index.php"


  8. Copy the a_stub.php to the document root of your virtual domain as index.php. This is the only file that needs to be copied to each virtual domain. Configure the $blog parameter and replace the last few lines of the file with this code:

    /**
    * That's it, now let b2evolution do the rest! :)
    */
    require '/var/www/b2evolution/blogs/evocore/_blog_main.inc.php';

01/05/06

Permalink 01:57:30 pm, by Jeremy Email , 320 words, 1725 views   English (US)
Categories: GNUstep, Windows

ffcall and Windows XP Data Execution Prevention

Summary:
The ffcall library which is used in the GNUStep base library has a problem on Windows XP SP2 (and later) if Data Execution Prevention is turned on for all programs.

Details:
Here is a patch to ffcall 1.10, that allows the trampoline code to work with Windows Data Execution Prevention.

What is Data Execution Prevention?

In Windows Server 2003 & Windows XP SP2, Microsoft added a feature (if you have the hardware to support it), which will prevent the execution of code in areas of memory marked for data. So specifically this protects against a class of buffer overrun attacks.

I know you are saying, "So what, I don't have self modifying code." That is what I thought too. So go and change your settings and turn on DEP. Go do it now, I'll wait here.....

Ok, perhaps your program still runs fine, but mine didn't. Turns out that the GNUStep implementation of NSInvocation uses the ffcall library to make the dynamic function calls. The ffcall implementation of trampolines (basically a function pointer with context) allocates some memory and writes some opcodes into it to set up the context state, then JMPs to the real function. Oops, that is self modifying code and doesn't work any more.

The Solution: Windows doesn't actually ban all execution in writable pages, just in data pages. Most unix OSes have similar limitations. We just need to tell Windows that we'd like a writable page that is also executable to put our code into. This is done with the VirtualAlloc function. For example:
void *addr = VirtualAlloc(NULL, bytesneeded, MEM_COMMIT, PAGE_EXECUTE_READWRITE);
Now, VirtualAlloc can only allocate multiples of the pagesize, and the bytesneeded in that call will be rounded up. So don't be using it like malloc and calling VirtualAlloc over and over again with tiny little values. The default page size is 4k on workstation and either 4k or 2M (yes 2 megabytes!) on server platforms.
