trapped! 11 December, 2006 at 4:48 pm

replaced two of the vanities this weekend. will do the last one next weekend. didn’t really get started saturday, b/c i needed a wrench bigger than what i had, and after we got that we ended up at babies r us somehow ;o

sunday i finished taking out the hall vanity and we went out and bought the replacement (we’d checked and they had some in stock).  put it in, only took ~30 minutes.  the connections for the cutoff to the faucets wouldn’t go back on, so i needed new, but that’s just screw this end in, screw that end on, done.  and the trap didn’t line up.  but a quick trip would fix that.

so before we went back out, i took out the master.  we picked up another vanity and the bits i thought i needed, came home.  bits don’t work, wtf.  haul the new vanity into place, and the support on the back kinda is where the trap and the cutoff is … take out support (losing the two drawers, incidentally, b/c i had to take off the rails that connected to said support) and slide the vanity in.  it’s a little further from the wall than the old one, weird.  and the top’s a little off balance.  double weird.  and the trap is 2″ lower than the drain ends…
back out, get another type of cutoff/faucet hoses, and some other bits of drain-trap pipe stuff.  bring it home.  hoses work now, pipes not so much.  gave up and got dinner at that point.  tonight i get to try to fix the traps still!  whee!  and when i end up at home depot, i’m gonna get some shims to try to balance up the master properly :/

wheeeeee

baby boy singhal 8 December, 2006 at 3:11 pm

ok, first off, we’re not sure which last name we’re going to use.  mine or hers.  she’s not attached to hers, and it’s “natural” for the woman to give up her name.  blah blah blow me.  tradition my ass.  i’m not really attached to mine, especially since my dad’s brothers are both guptas.  something about castes and subcastes and it’s not a family name but a societal declaration.  gupta is like government or bank maybe, money man.  singhal seems to be white-collar educated technical dude.  but i’m not sure.  but singhal doesn’t draw me too strongly one way or the other.

we’re looking at either “desmond” or “gareth” at this point, for a first name.  we looked at a bunch of others, and had a shortlist of 6 or so (until we learned the gender, a boy was going to be desmond; once we learned the gender we decided we would look more and make a “big decision”; desmond’s made it to the final 2 anyway, handy). to be fair, both names (and moreso desmond) violate one of the pseudo-rules i was applying to offerings from the books:  not a well-known name, product, or gag.  desmond lewellyn (Q from the bond movies) and gareth blackstone (Chef from Chef! (BBC)).

otoh, both are basically the only shots i came up with, and neither is particularly well known (TBH Q was where i originally suggested desmond from, but unless a second kid is named lewellyn (which would probably be more after the dragon in ozy and millie comic) it’s not likely to be caught)

i remember alistair, sebastian and damian were on the short list.  there were a couple others, which were likewise good, but we slowly dropped it to the two.  we’re both good with either, and it will likely be desmond, irregardless of her mom’s dislike of the fact that the nickname is “desi” of “desilu productions” (desi arnaz; lucy’s husband) … but, yaknow?  i’m thinking there’s a very limited number of people gonna make that connection, even if mom does insist on buying the boy bongos and conga drums.  but she prefers desilu to gary b/c “it’s …he’ll be called gary!!!” (said in front of family friends, his name being gary :o)

since we’re homeschooling, and both names are two-syllables but easy, i’m not too worried about nicknames.  and i honestly think it’d be des and garth (which i’m not fond of garth, but we’re talking about their friends and the 5-10 period; if they want to be called garth, it’s their choice, later in life, and preteens won’t likely use a nick anyway, unless the real name is long (nicholas, sebastian, alistair, etc; 3-syll and up ; 2syl doesn’t “need” shortening)) rather than desi and gary

6 blocks in the cold and hurt at 2:58 pm

i decided around t-day to start going to krav again.  last week i didn’t, b/c we needed to neaten/tidy/dare-i-say clean up before her mom came on thursday.  not a lot of time to work with.  monday this week was the followup ultrasound (and yes, baby DOES have a heart!  not just a heartbeat!  you’re telling me we can see through her stomach, count the ribs & vertebrae and all that shit, but you can’t measure the fucking heart?  b/c baby’s turned around?  i really don’t quite get that)

wednesday i threw my bag in the car (spaced on tuesday oops) and figured “OK, i’ll hit krav on my way home.” i stayed at the  office a bit late b/c the class was 6:30, which means catching the 5:15 and i get to krav ~6:15, time to change and stretch.  as i’m getting on the train home, i realize i forgot my sneakers.  now, when i worked at nasa, i wore sneakers every fucking day.  except summer when it was sandals.  but my new job?  i’ve got actual dress shoes.  well, not DRESS SHOES but dressier shoes? fuck, they’re not good for krav, that’s the point i’m making here.  so i picked up K and missed wednesday.  b/c i’d left late so i’d be right about right, so i didn’t have time to get my shoes before session :o

thursday (yesterday) i threw the sneakers in the car on top of my gym bag.  made it through class, thursday session is at 5:30.  so i take the 4:15 (which turns out to be express, so i hit the station at 4:45.  i could’ve been at krav at 5:00, jeesh) and go to krav.  sit in the parking lot for a bit trying to talk myself out of it.  and trying to talk myself into it.  b/c i’m out of shape, overweight, lazy, and uncoordinated.  I can lose my balance just standing, and this is gonna be a hell of a lot more stressful, i guarantee that shit.

but, fuck, i’m paying for it anyway.  i need the workout (see overweight and out of shape, hello?).  so i drag myself in, change, stretch, and it starts up.  frankly, i was about dead after the 15 minutes of jumping jacks, pushups, jumping, situps, and whatever else there was.  i kinda lost track

then 15 minutes practicing palm strikes (did OK with them, arms got tired and i was still out of breath, but my form wasn’t too bad and strength’ll come as i get used to it).  then 15 on roundhouse kicks.  having shit for balance, i pick shoes that grip.  b/c one of us should be doing something to keep me vertical, and if I can’t use my actual feet for gripping, the shoes do it.  did you know you’re supposed to pivot on a foot during roundhouse kicks? (amongst other moves i’m sure) … oops :o  other than the fact that I’m gonna rip my knee apart unless i learn to pivot, my form was good and solid.  partner and instructor both said so.  yay me!  i can do form 90% and function!  then we were doing jumping squats or something, break into kicks, back to jumps.  my thighs were dead, i could barely stand.  jumping was beyond me, and landing would have involved just collapsing :o

last 15 was choke break; not very natural at it yet, but tolerable.  when we did 3-1 groups, i was the only one who didn’t always turn the same direction to break the choke :o  managed to survive through the whole class (gasp gasp pant pant barely; near the end i was trying to decide if my head was gonna explode or if i was gonna puke!  shitty day for the office to have been out of water and me drinking sodas :/) and picked up K before dragging myself home

kiir had a blast listening to me (and watching me) try to drag myself up or down the stairs!  witch.  then this morning the temp was ~25 and 20mph winds … six blocks from the station … hurting like hell (so i’m slower than say yesterday) and it’s fucking freezing.

fuck, i kinda miss my old job.  “yeah, i’m going to stay in bed and sleep.  screw you people.  and i’m getting paid for it, so suck it.”  kinda more fun than “ugh, gotta go in.  ACK! COLD!  ACK ACK ACK!!!!!” yaknow?

ssh keys 7 December, 2006 at 4:15 pm

most of today, at the office, was spent digging through mysql code, to figure out where and how it authenticates, so i could know where to try putting in the ssh key code

then, once i think i identified the right places in the daemon and the client, it was into the ssh code :o  after much tracing and file changing etc, here’s how SSH handles a key exchange (given public/private RSA keys):

client connects to server, they negotiate their communication, then:

  • client identifies {A} as wanting to login, and chooses “no authentication, just let him in”
  • server tells him where to shove it and offers some auth options
  • client tries blah blah gets to key auth.
    • takes MD5 of the public key
    • hexadec encodes the MD5
    • takes ssh communication ID+HEX and saves it as “msg”
    • uses the private key to cryptographically encode (sign) msg
    • sends msg and signature to server
  • server receives this mess:
    • server knows the ID and the public key, so it generates its own copy of MSG
    • compares MSG and msg, if they mismatch, bad auth attempt
    • if they match, and there’s a sig, it generates SIG of its own
    • if sig and SIG match, authenticated

my first inclination is the need for a nonce (one-time randomly generated string) to pass back and forth.  but to be useful, server would need to encode it with public key so client can private decode.  but since there can be multiple keys on a single account for different purposes (such as i’ve set up accounts with a key that launches an automatic process and then logs out vs key2 which lets me log in properly), there’s no telling which key should be used for the encryption of the nonce …

and technically there’s no danger in passing around the public key.  it is, after all, public.  and with the (tiny bit of) entropy coming from the SSH communication ID, the signature will change, although the MD5 does not.  in the end, it boils down to, effectively, encrypting a few bytes of information (the ID) as everything else is static across every authentication.  it adds noise, however, since decrypting a bunch of short numeric messages would be easier than a long message, even if you know what the message says (which you do; it’s sent unencrypted first … I wouldn’t’ve done that either, TBH)

anyway, setting up MySQL should be … interesting.  I’ll have to put the public key in the database (so it can verify against, for a user) or in like /var/mysql/keys/ … pub key is required to verify the sig.  i might use it to encrypt a nonce, since i don’t (AFAICT) have a comm ID like SSH set up for such a purpose.  at which time, i may not bother sending the pubkey around.  server sends pub(nonce), client decrypts and sends pri(nonce), server decrypts and verifies nonce …

i’ll let you know how badly this fucks up ;)  and mysql can’t do SSL encrypted traffic unless client and server both have SSL certs, according to what I’ve read (i thought it could, so I may have found an old archive) … so i can fix that, or make this local-only (which makes more sense anyway)
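
The nonce handshake sketched above, done with a signature over a plaintext nonce instead of encrypting the nonce to a key, so the client names the key it is using and an account with several keys is not a problem. This is an added example, not code from the original post or from MySQL or OpenSSH; the textbook RSA over fixed Mersenne primes is a constructed, insecure stand-in for a real signature library, and every name in it (`Server`, `respond`, the `mysql-key-auth` label, the roles) is an assumption.

```python
import hashlib
import secrets

# Constructed demo keys: textbook RSA over publicly known Mersenne primes.
# A stand-in for a real signature library; NOT secure, illustration only.
E = 65537

def make_key(p, q):
    n = p * q
    d = pow(E, -1, (p - 1) * (q - 1))
    return (n, E), (n, d)              # (public, private)

LOGIN_PUB, LOGIN_PRIV = make_key(2**521 - 1, 2**607 - 1)
BATCH_PUB, BATCH_PRIV = make_key(2**1279 - 1, 2**2203 - 1)

def digest(data):
    return int.from_bytes(hashlib.sha256(data).digest(), "big")

def fingerprint(pub):
    return hashlib.sha256(("%x:%x" % pub).encode()).hexdigest()

def transcript(user, fp, nonce):
    # Everything the signature must cover; the nonce is the only fresh part.
    return b"\0".join([b"mysql-key-auth", user.encode(), fp.encode(), nonce])

def sign(priv, msg):
    n, d = priv
    return pow(digest(msg), d, n)

def verify(pub, msg, sig):
    n, e = pub
    return pow(sig, e, n) == digest(msg)

class Server:
    def __init__(self):
        self.keys = {}       # user -> {fingerprint: (public key, role)}
        self.pending = {}    # user -> nonce still waiting for an answer

    def enroll(self, user, pub, role):
        self.keys.setdefault(user, {})[fingerprint(pub)] = (pub, role)

    def challenge(self, user):
        self.pending[user] = secrets.token_bytes(32)
        return self.pending[user]

    def login(self, user, fp, sig):
        nonce = self.pending.pop(user, None)      # each nonce is single-use
        entry = self.keys.get(user, {}).get(fp)   # the client chose the key
        if nonce is None or entry is None:
            return None
        pub, role = entry
        return role if verify(pub, transcript(user, fp, nonce), sig) else None

def respond(user, pub, priv, nonce):
    fp = fingerprint(pub)
    return fp, sign(priv, transcript(user, fp, nonce))

def demo():
    srv = Server()
    srv.enroll("alice", LOGIN_PUB, "interactive")
    srv.enroll("alice", BATCH_PUB, "batch-only")
    fp, sig = respond("alice", LOGIN_PUB, LOGIN_PRIV, srv.challenge("alice"))
    first = srv.login("alice", fp, sig)
    no_challenge = srv.login("alice", fp, sig)     # replay, nothing pending
    srv.challenge("alice")
    stale = srv.login("alice", fp, sig)            # replay against new nonce
    fp2, sig2 = respond("alice", BATCH_PUB, BATCH_PRIV, srv.challenge("alice"))
    return first, no_challenge, stale, srv.login("alice", fp2, sig2)
```

`demo()` returns the outcome of a fresh login, two replays of the captured response, and a login with the account's second key.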

ugh, now i remember at 12:53 pm

1.A as in Umm , Anar (Pomergranate);..2.AA as in Aunt , Aag ( Fire) ;..3.I as in India, Emli ( spice) ;…4.Ee as in East , Eent (brick) ;…5.U as in oops , ooloo (owl) 6.oo as in moon , oon (yarn)

A as in “umm” ??? AA as in Aunt … great, now i suppose it matters if you say aunt like “ought” or “ant” …

I as in India.  Great, which I?   is it “imli” or “eemli”?  (i think it’s the latter) …

U as in “oops” ??? there’s no U!  i guess we’re talking “upsy daisy” sound, since i say oops and moon with the same oo sound!

then there are 5 lines of consonants on the alphabet chart (5 each).  and 4 of the lines end in N.  different N’s.  that look nothing alike. and sound different.  but the text says they’re all “N” …

now i remember why this is hard to learn.  25 consonants. 10 vowels. 8 “semi vowels”. and then 10 variant vowels + 16 combination-letters; which apparently the variant vowels (“vowel marks”) don’t sound the same as the vowel in question, and the combination letters have new sounds.  and don’t always look like a combo of the original letters.  so, between 43 and 70 characters, depending on if you worry with the variant bits.  and even the basic ones are telling you to use sounds that aren’t in the word.

seriously, if I ever figure out hindi, I’m writing a book “Hindi for Americans” that will use words and accents of america rather than england.  nothing against london, and it was their language first, but even when the words are the same, the sounds are different.  and it makes a difference!

hindi alphabet site 6 December, 2006 at 5:10 pm

found this site yesterday. shows how to pronounce the letters, how they look, how they combine, how they read, and even how to write them. so maybe i’ll try to learn hindi/devanagari (devanagari’s the script/written; hindi is the language, general)

http://www.ukindia.com/zhin001.htm

ssl certs, ssh keys and agents, oh my at 2:57 pm

i swear, i’m gonna make a new cat for security shit.  or programming shit.  or both, but they’d overlap a lot.  of course they overlap work most times, too.  go figure

anyway.  mysql5 (maybe 4) added the option for SSL Client Certificates to authenticate a user, instead of using passwords.  This is handy, if, for instance, you want to be able to log into a shitload of different databases without having to use a shitload of different passwords.  b/c using the same password a bunch of times would be bad.  except when it’s not (don’t get me started on security here; that’ll be another day i’m sure)

ssh uses keys.  which are generated from certs, in a way.  or are a part of a cert.  something like that.  definitely something.  the first s is the same in both.  and ssh uses a modified ssl (secure socket layer; just means the communication is encrypted, honestly; secure shell, means the shell itself is just a fucking shell.  the communication is encrypted however; go figure).  but ssh credentials are called “keys” and are, AFAICT, different from ssl “certs” (or certificates).  and ssh clients tend to have bundled an app called a “key agent” which monitors what keys you have, and then just presents the fuckers to the server when it asks, so it can say “oh, ok, yeah.  that guy, sure come in”.

which is what an SSL Client Cert would do for a mysql system.  (SSL usually refers to the server end.  HTTPS, server has a cert and gives it to the user saying “see, i’m me!  here’s my papers!”; client certs are the other direction.  you’ve verified the server (or you don’t give a shit) and now you’re presenting your papers “Ja.  I veesh to kom een.” and then the server says “ah, friedreich!” or throws you out a window onto a pile of luggage and says “no papers” to the other clients trying to connect so they all fish out their certs and wave them in the air)

so, my current (self proffered) task at work?  i’m trying to find a way to use ssh keys (which we all have if we want to log into anything more than our desktop and we forward around with ssh-key-agent and the ssh client/server encrypted secure communications SOCKET LAYER) to let me into mysql servers.  either turning a key into a cert (if there really is a difference (and i’m sure there is, although it may just be the cruft that a cert has that a key doesn’t worry about)), pulling a cert from a key (which i don’t think is possible, since certs have more (See previous par-unethical comment)), or agenting a certificate (preferably through the ssh-key-agent, which wouldn’t make any sense, or through some other agent that can piggyback into the ssh channel (uh, hello, encrypted?) and forward around the cert)

b/c, see, the private cert (ie passport) stays on you at all times.  you can’t just stick it on the server and figure you can just grab it when you need it.  b/c then when someone else breaks into your locker, they’re you.  i mean, they need a password, but those are relatively meaningless, b/c most people tend to use their birthday (july01) or their mother’s maiden name (jones) or something equally stupid.  coupled with the fact that they’ll tell anyone who asks what it is or how to guess it.  people are idiots.

i wonder if a cert, encrypted with a key, is secure … b/c then the key is the one you’re forwarding all over … except you don’t actually forward the key, rather you forward some fingerprint of the key or something.  b/c forwarding the key around is STUPID since the whole point is to keep it secure and close …

my name is barkinupigous at 12:02 pm

all afternoon evening and night, eeeesh

bark bark bark bark bark.  i need to go pee.  i need more water.  i need to pee again.  i gotta go bathroom.  i wanna play.  i wanna sit on your lap.  i want you on the sofa.  i want to play.  i wanna sit on your lap.  i wanna get off your lap.  i wanna bitch at you b/c you’re still sitting down and i’m not on your lap and the fact that i went and got up isn’t relevant it’s all your fault i should be on your lap

bark bark bark

i’m not tired, i wanna do something, lets play, there’s someone at the door, they’re gone now, they’re back, they’re gone, they could have been back, this was a test, can i have a treat?

bark bark bark bark zzzzzzzzzzzzzzzzzzz

mr k went to camp this morning.  b/c mr k SERIOUSLY needs to be more tired :o  kind of starting to reconsider my idea of MTh static and then T/W optionals.  I wanna leave him MTh b/c then the people used to seeing him still get to see him an’ all.  but MWF might be better (although last night was one night off from camp, and he was full power, so not sure it would really help)

seriously?  he needs camp every day.  i don’t have the energy right now after work to take him out for a long walk.  and it’s cold, so he doesn’t want a long walk.  i let him choose the basics of the path.  he always chooses fields/library in the cold, never wants to go to the lake.  b/c it’s freezing (or below) outside.  can’t say i particularly blame him, I s’pose.  but the fields is 1.5-2.0 mi.  lake walk can hit 5 mi i think i measured last summer.  but camp every day?  that gets really expensive :/  and since i keep putting him in weekends so i can clean up large scale items in our declutter/clean process, and preparing for the floors to be redone, that’d be 7 days.  plus a few overnights on the weekend.  in january he’s in for a week (day and night) when they put in the new floors.

i may need to work the daily camp into the budget, though.  which of course means kiir has to take him in every morning, since i usually go for the 6:40 train, and dropoffs don’t start until 7:00.  which makes me too late for the 7:10.  dropping him off makes me a full hour later :/  which I’ll do if it comes to it, b/c i love my puppy, but damn is it annoying.  i need to find out if 7 really is earliest for dropoffs or if I can get him in earlier than that …

white box black box 5 December, 2006 at 12:36 pm

so, there are two general mechanisms for testing:

blackbox is what most users are aware of.  You put stuff into the magic black box and answers come out.  you don’t care how it gets from A to B, as long as B is what it’s supposed to be

whitebox is the developer’s mechanism.  you put A in, then you follow it through the code/pipes/innards and verify that at each step it’s the B it’s supposed to be.  then at the end you get the answer.  it’s called “white box testing” because it’s the opposite of “black box”.  It’s also called “clear box” or “no box”; the idea being that black-box is big, black, and completely hides the internal workings.  whitebox lets you see the insides

whitebox is basically used in debugging code.  because if you put in A and get Z, you know there was a problem, so you trace it through A B C F … and you know where to look to fix it.

right now i’m debugging an app we’re upgrading.  and i get to do it through blackbox debugging.  I put stuff in, and see what comes out.  I can’t fix anything, but I keep narrowing down where the problem is.  As I find a case that doesn’t work (A53), I then narrow it down further to find the minimum required “bad A” that triggers the problem.  it’s a real pain in my ass, and it sucks.

there’s a reason why no one uses black box debugging.  IT SUCKS!  *sigh*

house cleaning 30 November, 2006 at 12:46 pm

ugh.

i spent (as i’ve blogged) the last month or so cleaning the house by steps and stages.  last weekend, after t-day, i was home by myself.  kiir was in atlanta with her folks.  k was at camp/playtime at the PetsHotel (kennel).  nothing all weekend except what i wanted.  I could play online (started eq2 again a few weeks ago) and not worry about it.  NOTHING TO DO.

i mean, except put away 7 baskets of her laundry in the master and disassemble the queen bed so they could deliver the new king.  and move the old queen to the basement.  fold and deal with the bed-o-laundry.  swap the spare room’s queen for our old queen.  laundry.  take her car in for maintenance.  friend’s party. sleep.  shred a ton of crap.  clean the basement room.  clean/touch up the living room and other areas that i’ve been through.  prep the house for my MIL’s visit this weekend.

sunday i said “fuck it” and played on the computer most of the day.  I got everything but the backroom and the touchup done, but figured i had this free time and ability to play on the computer, i wanted to play SOME at least.  mostly b/c i don’t usually get to play around having to do all the cleaning tasks on our weekend schedules right now.  b/c there’s gonna be a baby so everything needs to be clean.

her mom’s in town this weekend.  then i need to spend the next few weekends cleaning the backroom and stripping the living room of whatever i can so they can strip the carpet and install hardwood first week of january.  so much cleaning!!!

and i 100% expect her mom to arrive this afternoon and comment on how messy the living room or basement are.  b/c, yaknow, the living room has a pile of stuff in the middle that I just never got around to processing and putting away.  mostly i could have thrown it on the sofa in the backroom and called it “handled” but I wanted to put it away WELL