Tuesday, September 30, 2014

An Important Reminder

Just a heads up, I'm going to start using this quote whenever I get into political discussions. You've been warned.

The plural of anecdote is not data.
~ Roger Brinner

Via: Wisdom and Wonder

repl.it - Love It! And Learn to program with two URLs

This morning I worked up a solution to today's Programming Praxis challenge (find it here). The code was simple enough to write (and yes, I wrote it on my Galaxy S5). A few minutes after I committed the solution to git, I decided I wanted to tweak a function name.

Github provides an easy enough way to edit a file and commit the change. The catch is that I know from countless goofs that even the most trivial change needs to be checked before committing. I could fire up my Android Scheme Dev environment without much difficulty, but at the time, I had a Firefox window open to Github on my Laptop. It occurred to me: surely there had to be an online Scheme REPL I could test my fix with. Then I wouldn't have to leave my browser (much less my dev environment).

I give you repl.it. Here's my fix in action:

Now I know this snippet of code was pretty trivial, but still, I'm floored by how impressive repl.it is. As an educational tool, it's nothing short of amazing. All you need is a web browser and some time, and you can be on your way to learning how to program.

repl.it isn't limited to Scheme dev either. Of particular note is the presence of a Forth interpreter, which is another language I enjoy puttering around with.

OK Ladies and Gentlemen, ready to learn to program? Here are the two URLs you're going to need:

  1. Structure and Interpretation of Computer Programs (SICP). Depending on who you ask, it's either the greatest text ever written on the topic of programming, or absolute junk. I belong to the former camp.
  2. repl.it. Don't just read SICP, execute it. Run the code. Solve the examples. repl.it seems powerful enough to do just that.

So stop surfing, and start learning!

Monday, September 29, 2014

It's all in your head: Adventures in Generating Site Specific Passwords

The Blums Mental Hash (BMH) algorithm, a programming exercise I worked on this last weekend, won't let me go. Quick review, the BMH is supposed to be a mental exercise you can go through to generate a unique password for any website. The algorithm and its intentions are explained here:

Good passwords are hard to remember. A pattern that makes a password memorable is likely to make it vulnerable to attack. If remembering one secure password is hard, remembering many such passwords is entirely impractical. So people who have gone to the effort of creating one good password use it for many different accounts. A security breach anywhere that password is used means that the password is vulnerable everywhere else it is used.

It is much safer to have different passwords for every account. Then if one password is compromised, the damage is limited to a single account. One way to accomplish this would be to have software compute a password for each account by encrypting the name of the account. For example, your password for Home Depot could be the result of encrypting the text "homedepot." This way accounts with different names would automatically have different passwords. (In practice, it might be possible but highly unlikely for two account names to result in the same password.)
Is it possible to create encryption algorithms that a human can execute but that a computer cannot break? It doesn't seem at first that this should be possible, but Turing Award winner Manuel Blum believes it may be. He presented his proposed algorithm at the Heidelberg Laureate Forum. He emphasized that his method takes a lot of up-front effort to learn but then it can be carried out quickly. To prove this claim, he demonstrated that at least one person has in fact used the method, namely himself! He said he can usually come up with a password in under 20 seconds.

There are a couple of questions that keep floating around in my head?

The problem of generating passwords on a per-site-basis is monumentally difficult. Yet, Blum's algorithm is pretty simple. It's still beyond what most (anyone?) would go through to generate a password, but it shows huge promise. It makes me wonder if the problem of generating passwords doesn't have some solution analogous to what the CAPTCHA provided against SPAM bots. In that case, most SPAM bots were stopped in their tracks all by using a technique that a PHP programmer could whip up in a couple hour's worth of work. (Hint: learn GD).

Another thought: the BMH works by walking through each letter in the domain name, and generating a unique password entry for it. At the core is a key which says how digits should be mapped to numbers, and from there, how they should be shuffled. I wonder if a physical device--think stack of cards, or string of beads--could be used to assist. Imagine if your key was a set of colored beads on a lanyard, and you used them to translate a domain name to a password. Crazy, but it almost seems possible.

And another: I always think of cryptography as requiring mind bending math skills. But the BMH shows that this doesn't need to be the case. You should study this algorithm, if only to appreciate that security doesn't need to come at the cost of complexity.

Finally, I was wondering if there's a way to put the BMH code I've written to use. While I couldn't think of a way to leverage the Scheme version of the code, it occurred to me that if I had a JavaScript version I may be able to write a bookmarklet that uses the code. So that's what I did. Here's a JavaScript version of the BMH algorithm and here's a Bookmarklet:

(Huge thanks to Peter Coles for the Bookmarklet generator -- man that's awesome!)

With the Bookmarklet in place, I can click my toolbar and be provided with a password that corresponds to the domain name in use. (Ssssh, don't tell anyone: my "password" for blogger.com is @TuZeMe@NiWaZe--Ni3).

There are a number of issues with the Bookmarklet, but the obvious (and fatal) one is that the keys are stored in the source code. That means that if you drag the Bookmarklet to your browser, you'll get the same passwords I do. Which is not what you intended. The solution would be to store the key parameters in the bookmarklet itself. But that would be messier than I need for this trivial example. Perhaps if I'm still infatuated with this algorithm next week, I'll add support for this.

More Scheme Dev on Android, Now With Git Support

Continuing on my Scheme on Android kick, here's a solution to the most recent Programming Praxis problem. It's actually quite an interesting challenge:

It is generally accepted wisdom that people should use different passwords for each of their online accounts. Unfortunately, few people do that because of the difficulty of remembering so many passwords.

Manuel Blum — he’s the guy in the middle of the Blum Blum Shub sandwich — suggests an algorithm that hashes a web site name into a password. Further, his algorithm is cryptographically secure, so no one else can determine your password, and can be worked mentally, without a computer or even pencil and paper.

Read more about the algorithm here. I don't have the mental muscle to execute the hash in my head, but it was a terrific little coding challenge.

I used the same setup as last time: Gambit Scheme + DroidEdit + Perixx 805L Keyboard. For the most part, I found myself writing and executing Scheme with little regard for the fact that I was working on a cell phone. That, of course, is what I'm after.

Two improvements I've made in the setup:

First, I've defined a procedure named lex, which I can invoke to reload the source file I'm working on:

This combined with a couple of keyboard shortcuts to switch between Gambit and DroidEdit means that I can modify, reload and execute new code with relative ease. Having the source code live in ex1.scm means that the entire solution to the problem will be in one file. Which for the purposes of developing solutions to these brain teasers is ideal.

Second, I've setup git in Terminal IDE. So now, when I'm finished developing a solution, I can archive it. DroidEdit has built in support for Git, but I prefer a command line interface to version control.

Setting up Terminal IDE took just a bit of wrangling. Here's what I did:

  • Made sure the appropriate public key was in Github.
  • On a Linux machine that had the dropbear ssh tools installed, I converted my private key to be in the dropbear format:
    mkdir ~/tmp/working
    cp ~/.ssh/id_dsa ~/tmp/working
    cd ~/tmp/working
    ssh-keygen -p -f id_dsa # strip the encryption from the openssh key
    dropbearconvert openssh dropbear id_dsa id_dsa.db
    # Copy id_dsa.db to the Galaxy S5
    rm -rf ~/tmp/working
  • Checked the key on my phone by running the following within Terminal IDE:
    ssh -i id_dsa.db git@github.com
  • Within Terminal IDE, I created a wrapper script named gitssh to launch ssh properly:
    ssh -i $HOME/id_dsa.db $*
  • Still within Terminal IDE, I set the GIT_SSH variable to the above script:

    setenv GIT_SSH=gitssh
  • I was then able to launch git commands as usual:
     git clone ssh://git@github.com/benjisimon/code

Happy on the go hacking!

Sunday, September 28, 2014

5 Outdoorsy Uses for Old T-Shirts

A couple weeks ago Shira and I did a closet t-shirt clean out. When we were done we had a pretty sizable pile of t-shirts which were way to frayed to donate. We could just toss them in the trash (how many rags does one need?), but surely the Internet would have some terrific suggestions for putting these bad boys to use. Right? Well, almost right.

Lists do indeed abound: 39 Ways To Reuse, Restyle, And Rewear Your Old t-shirts, 50 Ways to Repurpose an Old t-shirt, 28 Innovative Ways To Use Old T-shirts, to name just a few. The catch is that most of the suggestions are either fashion related or are craft ideas outside my skill set.

Still, with all the great ideas out there, there had to be some Ben-appropriate uses for this heap of shirts. After a bunch of research, here's what I've come up with. Think function of fashion. Hope this helps.

1. Make a Bandana

It's trivial to cut a square of material out of a t-shirt, tie it around a pack strap or shove it in a pocket, and you've got one of the world's best outdoor multi-tools. (Here's 180 uses for a bandana, if you don't believe me). These particular bandanas would work well for activities that may involve messy jobs. If they get too grimy, you won't be sad to toss them.

2. Make Char Cloth

Assuming your old t-shirts are of the 100% cotton variety, then you can make char cloth from them. Char cloth is apparently a useful and time tested fire starting material. I've never used it before (I'm a dryer lint and Bic lighter kind of guy), but with all this cotton around, it's worth a try.

3. Master Making Cordage

One common t-shirt project is to braid or weave a new creation from t-shirt "yarn". Following this procedure, you can effectively turn a t-shirt into a length of cordage. Practicing this on some ancient t-shirts would help you master a skill which could really come in handy in the wilderness. Not to mention, if you make the cordage wide enough, you effectively have a scarf, which is handy in its own right.

4. Ninja Mask Improvise a Balaclava

I've covered this use of a t-shirt before: From t-shirt to Ninja Mask in 5 Easy Steps. I'd assume this approach would work just as well with a used t-shirt.

5. Create a Tote Bag

One frequently recommended use for old t-shirts that is functional is to create a tote bag. The whole procedure can be done in just a couple of minutes: (1) lop off the sleeves, (2) cut a wider opening on the neck and (3) close up the bottom of the shirt. The procedure is well described here, and gives you three options for sealing up the bottom of the bag. You can sew it, create a sort of draw string or cut fringes and ties the fringes off. I've tried that third approach, though before I tied the fringes off, I flipped the shirt inside out. Once the fringes are all tied off, and the bag is flipped back the right side around, the bottom is sealed and there's no dangly fabric in the way.

At first glance, these totes bags are of limited outdoor use. But, I think they may have more going for them then I originally thought. Given the right t-shirt, this may be perfect bag for a kid to bring along on a hike. The fact that the cotton breathes well and you don't really care about staining the bag, it might work well for collecting wild edibles. And finally, the soft fabric might be ideal for storing fragile gear off season. And just like the cordage above, practicing making the bag ahead of time means that if you ever need to improvise one, you'll know what you need to do.

So get snipping!

Wednesday, September 24, 2014

Are we there yet? Writing and Running Scheme Code on Android

Here's the solution to the most recent Programming Praxis problem. It's not the most pithy or elegant code, but it gets the job done:

; Solution to: http://programmingpraxis.com/2014/09/23/triangle-roll-up/
(define first car)
(define second cadr)

(define (sum row)
  (let loop ((row row) (result '()))
    (if (= (length row) 1)
        (reverse result)
        (loop (cdr row)
              (cons (+ (first row) (second row))
(define (roll numbers)
  (let loop ((numbers numbers) (result (list numbers)))
    (cond ((< (length numbers) 2)
           (reverse result))
           (loop (sum numbers) (cons (sum numbers) result))))))
 (define (fmt results)
   (for-each (lambda (r)
               (display r)
              (reverse results)))

> (fmt (roll '(4 7 6 3 7)))
(46 41)
(24 22 19)
(11 13 9 10)
(4 7 6 3 7)

One reason it's not streamlined: I worked out the solution on my Galaxy S5. As a Schemer at heart, I've always wanted to have a Scheme interpreter running on my phone . Unfortunately, I've never found an environment robust enough to be anything more than a basic demo.

But times change, so I figured it was worth checking the Play Store for new Scheme options.

To my delight I found quite a few. There's Scheme REPL, Scheme Droid, Gambit and Scheme Pad. They're all very promising. I figured trying to solve the Programmin Praxis problem would be an ideal test. Note, I'm using my Perixx 805L Keyboard for text entry. None of these environments would be of any use without an external keyboard. As usual, the Perixx worked really well. (Allowing me to develop a Scheme solution and compose this blog entry.)

Casually browsing through the apps, Scheme Pad looked most promising. It had a way to load and save files and included parenthesis matching. Paren matching is absolutely key. Unfortunately, Scheme Pad is too smart for its own good. It tries to automatically send lines of code to the REPL as you enter them, and I quickly found that I could confuse the app. When it works, it's awesome, but I found myself having to load and reload my example file to keep it working.

Back to the drawing board.

When I went back to the apps, I was pretty bummed out. None of them had the paren matching Scheme Pad had, so they really weren't going to be realistic solutions.

Then I thought I'd take another approach. What if I used an external text editor to do the authoring of the scheme file and just used one of the REPLs to interpret it.

After a couple of false starts I found Droid Edit, which is quite the impressive editor. It does paren matching, text highlighting, and responds to keyboard short cuts. I'll almost certainly be buying the pro version to get rid of the ad in the bottom right hand corner.

I found that I was able to scratch out some Scheme code without any difficulty. I could then flip over to the Gambit REPL and load in my file:

(load "/sdcard/Documents/ex1.scm")

The Gambit App allows you to scroll back in the REPL and hit enter on a previously run expression. This queues up the expression for you to edit and run. The result is that I had to type my load command once and then could re-run it.

The edit, Alt-Tab, load, run, loop isn't quite the most efficient way to program. But, both the editor and REPL are excelling what they do, so it seems reasonable to put up with the two app solution.

Not to mention, I'm fairly certain I could automate the process further by using the External Keyboard app's shortcuts or perhaps using Tasker.

Here's some screenshots of the development in action:

I think it'll take a bit more tweaking, but it does seem that a Scheme environment that Really Works is achievable on Android.


Tuesday, September 23, 2014

Tasker AutoRemote - Remote Programming Of Your Android Device, The Easy Way

Tasker AutoRemote is a slick little Android App that allows you to remotely access your Android device from any Net connected device. It effectively provides you with a URL you can invoke and thereby pass messages to your phone. Those messages can then be acted upon by Tasker.

Once I worked out a few kinks, Tasker AutoRemote became a fun way to integrate remote Linux servers with my phone. Consider the notification from the command line "problem" I worked out a while back. To summarize, I wanted a way to have my computer notify me when a long running task was done. The solution was speak.exe, an AutoHotKey app that uses text-to-voice to get my attention. I can now run the following command locally::

  make ; speak "Done compiling. Back to work"

With AutoRemote, it's trivial to extend this example so that I can run:

  make ; andsay "Done compiling. Back to work!"

and have the voice chime in over my phone. I don't need to be in front of my computer any longer, and the command works just as well on my local desktop, as it does on a far off remote Linux server.

On the Linux side, I've implemented a general purpose andsend script that invokes my device's URL with arbitrary arguments and content being read from stdin:


## Send data to an android device using Tasker's Auto Remote

if [ $# -eq 0 ] ; then
  echo "Usage: `basename $0` command [arg ...]"
  exit 1
  command=$1 ; shift
  while [ $# -gt 0 ] ; do
    command="$command $1" ; shift

echo -n "$command=:=" > $tmp
cat                  >> $tmp

curl -s $base -d "key=$key" --data-urlencode "message@$tmp" > /dev/null
rm -f $tmp

I've then setup a number of wrapper commands that invoke andsend. Here's andsay's:

andsend "Say"

And here are the scripts for andclip, which stores text in my Android device's clipboard and andsms which fires off an SMS to a number of my choice:

-- andclip
andsend "SetClipboard"

-- andsms
if [ -z "$1" ] ; then
  echo "Usage: `basename $0` phone-number"
  andsend SendSms $1

It's all pretty basic stuff. I'm leveraging the convention that AutoRemote uses that messages have the format: word1 word2 ...=:=arbitrary text....

Most of the magic happens on the Android side of things. And even then, the profile to implement andsay is pretty trivial. Here's the Tasker description for it:

Profile: AutoRemote, Say (35)
State: AutoRemote [ Configuration:^Say (regex) ]
Enter: Anon (36)
  A1: Say [ Text:%arcomm
            Continue Task Immediately:Off ] 

With this in place, I can type the command in my office, to be run on a server in Denver, and be notified of the task completion while I'm making lunch in the kitchen. Life is good!

Monday, September 22, 2014

3 Bugs - 2 Identified, 1 Mystery

Yesterday, we caught a glimpse of a number of interesting insects.

First, there's these guys:

Some time ago, I figured out that was milkweed (it's a 'pod' dummy, not a 'cone'). It turns out these little guys are appropriately known as Milkweed Bugs. They're not especially notable, except that they are harmless and make good specimins to study.

And then there's this guy:

Check out the 'spikes' on his back. He's a Wheel Bug (again, pretty well named I'd say) and looks like something out of a Sci-Fi movie. The Wheel Bug belongs to the slickly named assassin group, and though it's hard to tell in the above photo, he has one massive fang. So, should you mess with Wheel Bugs? No, no you should not:

Q:What insect has the most painful sting, in your opinion?

A: That is a good question and I feel I am qualified to answer it because I have been bitten and stung by just about everything that bites and stings.

Over the years I have been bitten by venomous snakes nine times (two copperheads, one water moccasin and six rattlesnakes). I have been stung by a half dozen scorpions, several centipedes, a black widow and several other spiders, fire ants, harvester ants, velvet ants (wingless wasps), bats, rats and cats.

Without a doubt the most painful bite I have sustained was from a wheel bug.
(Read More...)

Some good news: Wheel Bugs aren't aggressive. If you leave them alone, they shouldn't bother you. Still, I think I'll pass on taking close ups of Wheel Bugs in the future.

And finally, the mystery. Check this guy out:

I mean, he doesn't even look like a guy (or gal, for that matter). He looks like a chunk of leaf or something. But, when I got close enough, he started moving. It's alive!

So what is it? Any ideas?

Sights from a Sunday - Apples, Overlooks and Retail. Lots of Retail.

Yesterday, Shira and I managed to mix in a little Apple Picking at Hollin Farms, hiking at Sky Meadows State Park (a few miles from Hollin Farms) and shopping at Fair Lakes Center (located on the way home from Sky Meadows).

Hollin Farms was a winner. They had quite a variety of apples to pick from, and while the open area of the orchard didn't strike us as particularly large, it served our purposes well. And Sky Meadows is just gorgeous. Holy Smokes! Has it really been 6 years since we've been there? That was a lifetime ago. Besides the fond memories of hanging with The Boys there, it's also one of the first glimpses I had of the Appalachian Trail. The small backpacking trips we've done along the AT can probably be traced back to that sighting.

But the most impressive and awe inspiring part of the day was Fair Lakes Center. How can a Target, BJs and Walmart and 55 other retail establishments all exist in one shopping center? (Like, Modells Sports next to Sports Authority, right next to Target and Walmart, that also sell sporting goods. Mind. Blown.) That seems like enough retail infrastructure to power a small 3rd world country. Yeesh. I don't know whether to be appalled, proud or just thankful for the convenience. Here in Arlington, we have relatively close access to Target and BJs, but not like this. Is that what life is like in the suburbs?

Some photos from the day...

Thew view from Hollin Farms:

Shira picking forbidden fruit.

Apple tree leaves. At this point, Shira's annoyed at me for not paying attention to the task at hand.

Mission accomplished!

Let's do the Overlook trail at Sky Meadows. It's gorgeous, is it not?

Us. Did I mention that the Overlook trail was all uphill? You're welcome.


Pretty, and appropriately named, Milkweed Bug.

Thursday, September 18, 2014

Road, Rocks and Running

Tonight I included a section of the Potomac Heritage Trail in my run. Specifically the section from Chain Bridge to Donaldson Run. It contains some sections that are more rock scramble'able than runnable. But still, it was lots of fun.

Here's the route.

And some pictures from the trail.


Related Posts with Thumbnails