From “Authentication is Secondary” by Bob Cringely:
“Remember that all the authentication in the world will not protect against a privileged user doing the wrong thing. It’s just that logging may help to determine what happened after the fact.”
Quote from “Authentication is Secondary” by Bob Cringely
February 4th, 2010First post using WordPress for Android
February 3rd, 2010This post was created on Droid phone using WordPress for Android. You can find more details about the app at http://android.wordpress.org/.
High speed abort, Friday the 13th, and 6660
November 13th, 2009Being an aviation geek, I found my situation this afternoon/evening interesting. I was in Denver, CO, at a technology conference and coming home today. I was on United flight 6660 to Cedar Rapids, IA. Today’s date was 11/13/2009 and the day of the week was Friday. As the CRJ jet operated by SkyWest was gaining speed on takeoff, the takeoff was aborted. The aircraft, after slowing down, pulled off of the runway. The pilot came on the PA system and said that we had to abort takeoff because a warning light came on indicating that one of the deicers was overheating. In this 10 years flying, he had never had to perform a high speed abort. But he reassured everyone that we were never in danger of going off the runway since the runway at Denver is 3 miles long.
Using a Maven profile to run a test program
August 25th, 2009This is a new (to me) trick for my programming toolbox. I discovered (copied) it from the Apache CXF project. (I don’t know if they originated it or not.) Basically, you can use a Maven profile configuration in your pom.xml to easily run a test program in your project that has a public static void main(String[] args) method. I discovered this technique reading the README.txt of the Apache CXF sample “java_first_jaxws“. Here is what the Maven command looks like:
mvn -Pserver
Here is what the profile configuration in the pom.xml looks like:
...
<profiles>
<profile>
<id>server</id>
<build>
<defaultGoal>test</defaultGoal>
<plugins>
<plugin>
<groupId>org.codehaus.mojo</groupId>
<artifactId>exec-maven-plugin</artifactId>
<executions>
<execution>
<phase>test</phase>
<goals>
<goal>java</goal>
</goals>
<configuration>
<mainClass>demo.hw.server.Server</mainClass>
</configuration>
</execution>
</executions>
</plugin>
</plugins>
</build>
</profile>
...
</profiles>
...
When the “mvn -Pserver” command is executed, the exec-maven-plugin will run the demo.hw.server.Server class. The id identifies the profile id used in the mvn command after the “-p“. The mainClass element defines the class with the main method to execute. The exec-maven-plugin does all of the hard work. One of the benefits of this technique is the standard Maven classpath for the project defined in the pom to build and unit test your software is used to run the mainClass. This comes in quite handy if your program uses many jar files. I used to use a Windows batch file (copied from the Tomcat startup script catalina.bat) to run little test programs. This Maven profile technique is much easier to use for me, since I use Maven for most all of my Java development.
Running pfSense on my home LAN
July 4th, 2009I just got pfSense running on my home LAN. I had a cheap Walmart/Everex PC that wasn’t doing anything. And with the three day weekend I realized that I could use it to create a better home network. I added an Ethernet card that I had plus a new Linksys 10/100 Ethernet card that I found at my local Target for $11.99. This gave the computer 3 network interfaces: WAN, LAN, and Opt1WiFi. I have DSL service, so I hooked the WAN interface of the computer to the DSL router. The WAN interface gets a DHCP address. I hooked the LAN interface to an Ethernet switch that I had around. The LAN interface is configured with a DHCP server. I can hook a laptop into the LAN switch, get a DHCP lease from pfSense, and access the WAN interface out to the Internet.
Yeah, yeah, this could also be done with a typical router like the Linksys WRT54GL. Well, I do have a WRT54GL, which I hooked to the Opt1WiFi interface on the pfSense server. So the WRT54GL also has a concept of a WAN<->LAN interface. In my new configuration the WAN side of the WRT54GL is receiving a DHCP address from the Opti1WiFi interface and the DHCP service of pfSense. The LAN side of the WRT54GL is providing addresses via WiFi (which is how I am posting this from my laptop).
So why have both the pfSense server and the WRT54GL? What the 3 interfaces of the pfSense server allow me to do is separate the WiFi traffic from the LAN. I can add a firewall rule in pfSense to only allow the WiFi traffic from the Opt1WiFi interface to the WAN and block access to the LAN. This will allow me to have services on the LAN network interface that are protected from any WiFi connections.
But what if I want my laptop, connected over the WiFi network, to access my home LAN network? I believe that there are a couple different ways the pfSense will allow me to do that. But that is another task for another time. Because at this time, there isn’t anything (yet) running on my new LAN network segment.
Successfully accessed Facebook with OpenID
May 23rd, 2009I have successfully accessed Facebook with my OpenID. I learned that Facebook was acting as an OpenID relying party, meaning Facebook will accept some other credentials than ones provided by Facebook to access your Facebook account. I discovered this capability when reading the post OpenID’s Tipping Point. It was very easy to set up. Here are the steps I went through in Facebook to link an account via OpenID:
Settings -> Linked Accounts -> Add a new linked account: -> OpenID…
I then entered my OpenID URL and clicked “Link New Account”.
Using OpenID to access Facebook is a little bit different than other apps that I have used to authenticate with OpenID. To use OpenID to authenticate to Facebook, you actually authenticate with your OpenID provider first before accessing Facebook. Then when you access Facebook, it recognizes the existing OpenID authenticated session and proceeds to take you to your Facebook “Home”.
This is a great enhancement to Facebook. It makes it much more convenient for me to access the application.
Inbox 0!
March 19th, 2009I made it to Inbox 0 in GMail. Okay, so, it is kind of lazy. I mean, I was just thinking about what the 500+ emails in my inbox were doing? Not much. It was just a pile of read email. As new email came in, I would read it. But I just left it in the inbox. So moments ago I thought, hmm, so what is the “Archive” button in GMail for? Why, it is for this pile of read email in my inbox. The vast majority, in fact all of it at the time, had already been “processed”. Why was I keeping them? Some of them were there “just in case” I needed to refer back to them. But, then what is the “All Mail” archive for? It is there for the times, “just in case”, that I need to refer back to an old email. So, then, why not get the email out of the “Inbox”. So I did. I don’t lose anything by archiving the email. It is still there. (Thanks to Google’s vast storage. I am using 4% of 7.3 GB.)
Authenticate via OpenID
March 18th, 2009You can now use OpenID to authenticate at this blog! w00t!
I have just installed the Wordpress plugin OpenID (version 3.2.1). Installation was very simple: just upload the “openid” directory to the “plugin” directory and then active the plugin. The plugin allows you to assign multiple OpenIDs to your account to log in to your blog account.
Remote desktop connection tip
March 18th, 2009Today I am working from home because Sydney is sick. I therefore connect via the VPN to my work computer. I use Microsoft Remote Desktop Connection to connect to my work computer. But periodically I have problems typing into the remote computer: whenever I type a ‘u’ character, the Microsoft Utility Manager pops up.
After doing a bit of searching on Google, I came upon this post “Windows key “stuck” in Remote Desktop…“. This seemed to accurately describe my problem. But, the first comment in the post was able to work around my particular problem:
The best workaround that always works for me is:
1. Close the RD window
2. Open new RD but make sure the “Apply Windows key Combinations” is set to “On the remote computer”
3. Now press the Ctrl+Alt+End and lock the computer
4. Log in again and it should work.
amirhp
/’L'\mir
I put this here so that I can remember it for the next time. (Yeah, I pretty much expect that this condition will happen again.)
Adelaide is 3!
March 1st, 2009Yesterday was Adelaide’s third birthday. We had a party for her and this morning I was looking through the pictures. Kids are pretty amazing and grow up so fast. Here she is, three years ago, one day old, on March 1, 2006.
She is in the Mercy NICU in Cedar Rapids, IA. (Side note: This is the hospital where Nancy works.) (Side, side note: yesterday, 2/28/09, Mercy imploded one of their building that was damaged in the flood of 2008. It was a big deal for Cedar Rapids: the first known demolishion by implosion.) She was born at 32 weeks, 8 weeks early. She stayed just 2 weeks in the NICU and then was strong enough to come home.
Here she is, three years later, at her third birthday party yesterday.
She wanted a pirate themed party. (She can see just fine with both eyes. But pirates need an eye patch, of course. And they have a scowl and say, “Argh!”) You wouldn’t be able to tell that she was a preemie.