Another way to not fail as much.

Particularly while testing software, we often find ourselves generating
large numbers of “garbage” records simply to emulate real data.
For example, one might need to create a number of user account
login names.

Given the choice, there are several ways one might go about this.

1. Using a number (or a prefix followed by a number). The Lisp built-in
GENSYM works like this; eg (gensym “counter-“) ⇒ #:counter-2145.

2. Concatenating a number of random characters together; eg,
“,j.45u76bd89ku”

3. Creating a sequence of Consonant-vowel pairs, eg “tesutohece”

4. Creating a sequence of word-like syllables that follow some
unambiguous clustering rules in English. One pattern I like to re-use is
that each syllable begins with one of ‘p’, ‘y’, ‘f’, ‘g,’ ‘r’, ‘l’, ‘d’,
‘t’, ‘n’, ‘s’, ‘j’, ‘k’, ‘b’, ‘m’, ‘w’, ‘v’, followed by a vowel, and
ends with one of ‘p’, ‘f’, ‘g’, ‘r’, ‘l’, ‘t’, ‘n’, ‘s’, ‘j’, ‘k’, ‘x’,
‘b’, ‘m’, ‘w’, ‘v’. This leads to strings like “sanmelfar”.

5. Using actual words, adjoined using some kind of pattern; eg,
adjective + noun. Docker.io, for example, creates container names like
this; eg, “exuberant-curie”

These are in order for a very good reason: Debugging.

Suppose that you’re entering some new records into a database.
They’re garbage records, only intended to live until the end of
your test. You’re not testing the “name” field (for which, naturally,
a full fuzz test with out-of-conformance UTF-8 values, UTF-16
substitution ranges, non-printable code points, de-normalized combining
characters, and so forth will all be necessary) — but you do need to
supply some kind of name so that the records will be valid on the face
of them, in order to get to your actual test.

Now, it’s technically equally valid to choose from any of the five
options listed above. Why on Earth, then, might you care to move lower
on the list than something like GENSYM?

There’s the rub. Sooner or later, a test will fail. If it didn’t ever
happen, we wouldn’t need the tests at all, would we? When that day
comes, almost inevitably, you’ll find yourself slogging through
a post-mortem of your database, your files, your logs, trying to
discover what went wrong.

At that point, all five ways are still technically valid, however, as
you move lower down the list (toward #5), they decrease your
cognitive burden. In other words, it is easier for your brain to
recognize, internalize, and match against the strings the more that they
are like real words. Numbers are tough. Garbage strings are just about
as bad. But “wa-wa” or “CV” strings are at least somewhat word-like, and
can be parsed by your brain just a bit easier. The word-like syllables
patterns are even better, and real words, particularly when combined in
reasonable or meaningful-seeming ways, are what this whole “reading”
thing is all about.

Making things just a little easier for yourself (or whoever it is that
has to deal with the melt-down when it comes) is always a great option —
so move lower on the list whenever you have the opportunity. Pulling in
full dictionaries might not often be a choice, but throw together
a little “random pronounceable string” function in your toolkit.

Taken conversely: If you do not spend the five minutes now to put
together a pseudoword generator, you are intentionally handicapping the
ability of the human brain to recognize the data patterns that you have
created, which will increase the time you will need to spend debugging,
as well as taking away your concentration from the task at hand in order
to focus on, and repeatedly re-verify the matching of, sequences which
would otherwise be completely transparent to you.

By the way, the effects are not only measurable, but have been measured.
Take a look at, eg. “Better the DVL You Know: Acronyms Reveal the
Contribution of Familiarity to Single-Word Reading” by Laszlo and
Federmeier (Psychol Sci, Feb 2007;
NIHMS109307) or “The acronym superiority effect” (same authors).

The recognition levels electrical activation in the middle
parietal site (graph on p. 8) show similar brain activity for words,
familiar acronyms, and pseudowords, but have a very poor correspondence
with random garbage strings. The graph on the following page shows
striking differences in recognition of repeated presentations of the
same patterns; illegal strings and unfamiliar acronyms are much more
poorly recognized than words or pseudowords.

Take a look at this:
http://www.ncbi.nlm.nih.gov/pmc/articles/PMC2704149/figure/F1/

On the right, we see that the first time an illegal string is presented,
you spend a lot of mental work trying to make sense of it. When it’s
repeated, though, you have nearly no hope of actually recognizing
it again.

Don’t handicap yourself needlessly. Masochism does not make for good
programming style.

Business plan woes

It’s been 15 years since I started a business and I still don’t have a good grasp on what to write in the business plan. “Our vision is to do fun stuff and we are going to do it with or without your help, but if you help we’ll do really cool stuff and probably be able to pay you back.” Yeah, that’s kinda crap.”I’d like to be able to quit my day job so we can actually do stuff in a reasonable amount of time without getting evicted.”?

 

 

Post-intrusion check-up

I wrote up this answer on Ask Fedora, that might prove useful to some other folks;

How to check out a Fedora (or Red Hat Enterprise, Community Enterprise, SuSE/Novell, Scientific, …) system that you’re concerned might have been compromised.

Of course, no such list is ever “complete,” but this is more than what your average auditor would check.

https://ask.fedoraproject.org/en/question/73317/how-do-i-scan-fedora-for-viruses/?answer=73355#post-id-73355

The METRO Entertainment Complex logos

Got a message today from the owner, Jerry Rosenberg, looking for copies of some logos I’d redesigned back in ‘O8 and figured I might as well post some of ’em here.

 

Business logo:metro-business-logo

 

The “Special Events” aka “Showtunes” variant, with input from Kingsley Spencer:

 

metro-showtunes-black

The Freedom flag variant of that one:

metro-showtunes-freedom

And some of the signage and things using the logo … not all of which made it to press …

metro-bizcard-blank metro-showtunes-matchbooks metro-business-logo metro-bizcard-mike metro-shadows metro-sappho metro-rainbow metro-oasis metro-gameroom metro-disco metro-boiler

 

covers for the matchbooks (silver foil on purple gloss):

 

 

metro-showtunes-matchbooks

Some time later, they revised the logo. The skyline in the ones I’d done was traced from a photo, standing on the bridge looking downtown, but the “sparkley” version was apparently traced off the older, hand-drawn skyline that matched the previous version of the logo. Here’s the sample that Jerry sent me:

2015-08-04

So, I retouched the “showtunes” logo to more-or-less match it for him … Still with the “photographic” skyline. The funny thing is that the moon had been facing the other way on the old business cards; I flipped it to match the neon sign out front. So that logo is a really strange hybrid …

metro-showtunes-sparkley-pink metro-showtunes-sparkley-pink-low-res

And, while I was in that folder, I ran across a few old promo posters for the bars … you can see the inspiration for the “sparkley pink” version probably came from the Fridays & Saturdays logo here … ?Monday lowres Lesbo•A•Go-Go lowres Karaoke lowres Gameroom lowres Drag lowres Boiler & Sappho's lowres College Night lowres DJ lowres 365 Days lowres Wild Wednesday lowres Weekend lowres Tuesday lowres Sunday Special Events lowres Sunday SIN lowres Rainbow Room lowres Strip Contest lowres

and a few of them in high-res …

Thursdays Sundays QaF Karaoke Lesbo Pool

 

 

Note to self … I should probably “tag” a few folks on Facebook who might remember the Old Days. I think all those posters are from January ’O8, so it’s been 7½ years ago, now.

 

 

 

 

W, X, Y, Z?

Why can’t I type the letters eks or tsee in WordPress posts?

 

a b c d e f g h i j k l m n o p q r s t u v w  y

Eks just gets ignored, but tsee asks me if I’m sure I want to close the window.

 

Dang it …

Start an EXE in the right environment

Linu systems can run .ee files of several different types: DOS, Windows, or .NET programs. Unfortunately, there wasn’t a really good way to tell which of the three types of interpreters would be needed for an .ee without fiddling around in a terminal.

So, I just threw together a little helper program that will read through the headers of the program file itself, and run it in what should (hopefully) be the correct environment.

It’s on GitHub as http://github.com/brpocock/start.exe and there are some simple’ish instructions.

Basically, check out or download the code, and use make to compile (It’s just one C file, it just compiles with cc start.ee.c -o start.ee actually), and copy the output to /usr/bin. Drop the binfmt config file into /etc/binfmt.d and SystemD will pick it up on your net boot. Or, once you have start.ee you could tell your file manager to use it to open .ee files. I’ll probably add a .desktop file to the package whenever I have a minute to screw around with it again, that’ll make that automatic. (And probably also properly package it into an .rpm package.)

Adding a second passphrase to an encrypted disc

After a friend lost her hard disc due to forgetting her LUKS password, it occurred to me that creating an “escrow” password of annoyingly great length and keeping it someplace (eg, hard copy in a file bo somewhere) might not be a bad idea. I was vaguely aware you could have multiple pass-phrases for Linu’s disc encryption, but it turns out to be pretty easy to set up.

Annoyingly, it requires a Terminal shell, as Gnome Disks doesn’t have support for multiple pass-phrases (yet?).

Caveāt lectōr, naturally, the volume is only as safe as the weakest password, et al.

List block devices: lsblk

Find the device on which the encrypted volume eists; eg, the luks-### volume is probably on either an LV or partition, eg sda3

sudo cryptsetup luksAddKey /dev/sda3 # to add another key

You only need to know (any) one eisting key to do so

Hmm, so how can I tell if someone’s back-doored my filesystem?

sudo cryptsetup luksDump /dev/sda3

There are (always eactly) 8 key slots on a filesystem. How many did you epect to be enabled?

Key Slot 1: ENABLED

If you have multiple volumes which don’t have a common pass-phrase between them all set to mount at boot, you will hate life. Keep pass-phrases for boot volumes in sync unless you have some very esoteric set-ups.