Joseph Scott

No Mention Of Twitter?

After reading Ben Thompsen’s take on Trump communicating directly with voters I was surprised to see no mention of Twitter. Meanwhile there are 15 references to Facebook.

I get it, Facebook is enormous, and bigger than Twitter. That doesn’t change that fact that the preferred medium in this particular case has been Twitter.

From The Voters Decide:

my focus is the business and strategy of technology, something that is inextricably linked with the effect technological change has and will have on society broadly — and that includes politics.

You can’t have a serious discussion about how the Internet and technology have changed the communication dynamics during this election cycle without including Twitter.

How I Ended Up With Vim

I do the bulk of my editing using Vim. Here is the short version of how that came to be.

Many years ago I worked in an I.T. department doing various bits of grunt work, mostly setting up new desktops and laptops. I was curious about the servers that were managed by others in the department, and I got tasked with setting user accounts on our Unix and VMS systems. I recall the VMS system in particular being a rather manual process. Fortunately we had good documentation on the exact steps needed to create new users.

Our Unix sysadmin felt very strongly that anyone doing admin work on those systems needed a basic knowledge of vi. The reason for this was a concern over repairing systems that were in an unusable state, which usually meant booting into single user mode to clean up what ever mess had happened. The combination of a messed up system and single user mode means that several of the tools that you were accustomed to using wouldn’t work.

With a messed up server you could only depend on statically linked binaries to ( hopefully ) work. At the time the cross section of statically linked editors were things like cat, ed, and vi. So vi became the go to option, because the alternatives were worse.

I had to demonstrate to our Unix sysadmin that I had enough vi skills to open a file, edit it, and save it. Not exactly a high bar, but I remember hating it. I’d never used a modal editor before, and I had to learn H, J, K, L for cursor movement ( terminal emulation settings, another thing that used to be surprisingly easy to do wrong ). It drove me crazy, but I did it because I wanted learn more about these systems, and this was my path to getting access.

After that job I went to work at a small I.S.P., where I was logging in and out of FreeBSD, SunOS, and Solaris systems all the time. Being able to use vi to edit files on each of those turned out be very useful. It also matched my work flow, which was usually: open file in vi, make changes, save and exit vi. Get in, make changes, get out. Repeat as needed.

I tried various vi clones and found that Vim matched my expectations of a reasonable vi editor. By the time I left the job at the I.S.P. Vim had become a habit.

Fast forward to today and more often than not you’ll still find me in a terminal window editing files with Vim.

Password Hashing Examples

Paragon Initiative has put together a post with examples of how to use bcrypt & scrypt in PHP, Java, C#, Ruby, Python, and NodeJS. Most of the code examples are only a few lines long, making them easy to follow.

They had picked bcrypt as their standard example, with scrypt as the next alternative, based on their preferred algorithm list:

Although there is disagreement about how to rank them, cryptography experts agree that these algorithms are the only ones you should be using to store passwords in 2016:
– Argon2, the Password Hashing Competition winner.
– bcrypt
– scrypt
– The other Password Hashing Competition finalists ( Catena, Lyra2, Makwa, and yescrypt )
– PBKDF2 ( nearly everyone except FIPS agrees this is the worst of the acceptable options )

I’ll give Argon2 a few years of real world exposure before I’d consider it for the number one spot. Until then I agree that bcrypt is good default approach. For caveats on that see their “Why prioritize bcrypt over scrypt?” section.

For new systems this should be an easy thing to do ( you’ve already got code examples now! ). And converting old systems isn’t necessarily complex, most of the time will be spent testing.

Leap Day

Welcome to the not exactly every four year calendar oddity known as leap day! Just follow these three simple rules:

1 – Add an extra day every four years
2 – Except for years that are divisible by 100
3 – Unless that year is also divisible by 400, in which case you do add the extra day

Turns out that February 29th, 2000 was a special type of leap day that won’t happen again until February 29th, 2400.

Here is the visual version:

For the etymologists in the room check out the word bissextus.

Provo City Center Temple, Open House

Last week we took the open house tour through the Provo City Center Temple:

They did an amazing job rebuilding it after the fire.

Identical Twins, Not Identical Fingerprints

Turns out there is a physical trait of identical twins that isn’t identical. Fingerprints, here is why:

Because fingerprints are influenced by environmental factors during intrauterine life.
…
Although very similar, the fingerprints of identical twins are nevertheless unique because they are not completely determined by genetics: they are an example of phenotype, which refers to the physical characteristics of an individual that are determined by the interaction of genes and the environment.

The New York Times covered this back in 2004:

While a fetus is developing, the ridges along these patterns are influenced by a number of factors, including bone growth, pressures within the womb and contact with amniotic fluid.

For all the talk about how no two people have identical fingerprints, I hadn’t thought about the specific case of identical twins. Are there any other physical tests that you can do to tell the difference between identical twins?

ImportHTML

Recently Zach Klein mentioned ImportHTML for Google Docs:

MINDBLOWN.
You can automatically scrape and import any table or list from any URL into Google Spreadsheets. pic.twitter.com/Gu6lNMPY1J
— Zach Klein (@zachklein) February 21, 2016

So I tried it out on the Supreme Court Nominations page ( on senate.gov ):

=ImportHTML( "http://www.senate.gov/pagelayout/reference/nominations/Nominations.htm", "table", 3 )

I was impressed with the result.

Docker Overhead

Percona has been measuring Docker overhead ( when running MySQL ). Specifically I/O ( there is none ), and network ( depends ) overhead.

Be mindful of your Docker network config.

Windows 3.1 Programs Online

If DOS malware isn’t your thing, how about Windows 3.x software? From the announcement on this collection:

We’ve now added over 1,000 programs that run, in your browser, in a Windows 3.1 environment. This includes many games, lots of utilities and business software, and what would best be called “Apps” of the 1990s – programs that did something simple, like provide a calculator or a looping animation, that could be done by an individual or small company to great success.

I’ll suggest one: Wintrek:

Malware Museum

The Internet Archive once again preserves a fascinating bit of computer history, from the MS-DOS era:

The Malware Museum is a collection of malware programs, usually viruses, that were distributed in the 1980s and 1990s on home computers. Once they infected a system, they would sometimes show animation or messages that you had been infected. Through the use of emulations, and additionally removing any destructive routines within the viruses, this collection allows you to experience virus infection of decades ago with safety.

Now be honest, of all the things that you thought might show up in the Archive at some point, was a malware museum really on your list?

Another angle used for evil during that same period were ANSI bombs. Some times it is safer to have fewer features rather than more.