amazon's stuff!

Volete leggere Ziogianni sui cellulari nokia?
do you read this blog on your nokia ?
my Amazon wish list

ssh protocol and “stalled” connections…

Lately some friends and some clients, called me with a strange problem: sftp, ssh and scp connections were stalled. I started to think that the “other side” was the problem’s source. BUT lately I noted that they have some shiny, new routers in their networks. This was acting as a warning bell in my mind so, I started to investigate … I found that some recent shiny routers had some problems on the ssh protocols. So if you have this kind of problems you have to use a search engin to verify. If you are not willing to verify this fact you can try the solution:

ssh -oIPQoS=cs0 -c < cypher > -Xl < user > < host >

Now: it seems that these shiny new router have some firmware’s problem that implies with qos. Some of them show this behaviour only in “ADSL” mode and not in “VSDL” … I will not distrurb you with some words on qos … But if you are not sure about the qos’s implications i strongly suggest you to read: Class_of_service.

 

 

about wordpress query loop

I really love wordpress… I use it for both fun and profit. So, it is normal for me to develop some web sites using wordpress. Lately I have developed i site for a “fashion store”. The shop owner asked me to have the admin interface in Italian (she is italian). So I have installed the right files and she was happy. Her happiness vanished when she tried to make a post on his ow query_posts(“lang=it,en”);... This was not successfull... But query_posts("lang=it"); was ok. All the "italian" editor's messages were correctly shown ... but no one of the messages posted from "not italian" editors was shown. However I continued on the right way so I have writen:

$myownargs= array (
'post_type'=> 'post',
'meta_query' => array (
'relation'=> 'OR',

array(
'key'=> '_locale',
'value'=> array ('it_IT','en_US'),
'compare'=> 'IN',

) ,
array(
'key'=> '_locale' ,
'value'=> 'en_US',
'compare'=> 'LIKE',
),
array(
'key'=> '_locale' ,
'value'=> 'it_IT',
'compare'=> 'LIKE',
)
)
);
query_posts($myownargs);

Not good... not good at all...
So I have forgotten the "right manner" and i returned to old way ... sql statements plus a nice wordpress object:


global $wpdb;
$myownquery="select * from $wpdb->posts where post_type='post' and post_status='publish'";
$myownres=$wpdb->get_results( $myownquery );

if ( $myownres ) {

foreach ($myownres as $post) {
setup_postdata( $post );

.......

This, definetely solved the issue.
The moral of this story is: "the meta are nice but sql statements are useful" ...

Yet Another Amazing Map

Hi! are you interested in wind ? Eolic turbines ?
This is for you: http://earth.nullschool.net

It is amazing i really hope to have some spare time to study this page, and some more spare time to analyze some of the raw data… (if available).

linux and video processing on command line.

Hi got some videos to merge together. These videos was coming from eterogenous devices… Tablets, mobile phones, handycams, webcams.

I was really near to lost both my temper and command line habits. I installed some graphical video editor on my laptop… But they was not able to give me a quick and fast solution. So I returnd to my command lin habits. I have installed MP4Box (gpac package on debian ). But I solved the problem using mencoder.

The problem terms:

  • mp4 files
  • different resolutions
  • different audio

The solution:
for every video file:

mencoder file.mp4 -vf scale=640:320 -ovc x264 -oac mp3lame -o file.rid.MP4

And then:

mencoder file0.rid.MP4 file1.rid.MP4 file2.rid.MP4 file3.rid.MP4 -ovc x264 -oac mp3lame -of lavf -o output.mp4

At this point you can use/re-encode it…

  • mysql and deprecated “things”

    Hi, i was performing an update on a “centos” test bed machine.

    I was not happy to discover that an old php site was no more operational. So I was puzzled, and unhappy. The first thing that i have done was to read the log and verify that the upgrade operations gave no errors.
    I upgraded to: mysql-server-5.5.

    No errors. So what? I asked to google and so i learnt that mysql dropped and changed some things.

    “find” and “send” was very good friends to fix the problem.

    The “changed” things that have affected my poor old php scripts:

    • TYPE=MyISAM must change in ENGINE=MyISAM
    • TIMESTAMP(14) must change in TIMESTAMP

    An example: sed -i.bak '1,$ s/TYPE=MyISAM/ENGINE=MyISAM/g' .

    So now i have to check if the new behaviour of timestamp impacts on other points of my scripts…

    I will see, but it is evident that my approach to test on a “test bed” before to implement in a production system is correct.

    I suggest you to copy my approach.

    privacy and messages… (mala tempora currunt? )

    Seems that in this period, a lot of people is involved in “eavesdropping” the people’s communication. Seems that both data and voice communications are involved.

    So just now I bring you some links to some app that maybe can help you to maintain a ‘bit’ of privacy:
    (I will just enumerate these app… if possible i will give you the link on wikipedia, and please remember that i prefer open source applications when possible)

    So seems that YOU CAN DO SOMETHING TO PROTECT YOUR PRIVACY…

    About otp tokens

    In these economically troubled times (or, at least are trouble times for the country where I live: Italy) I am involved in some projects themed on otp/totp. So I have to inform myself about pros and cons of this interesting technology.

    ‘OTP Token’ seems a technoloy far away from our day-by-day life. It seems far away from us in every aspect of our life. But if you start to think about “scratch card” maybe otp tokens technologies may appear quite near. If you have an on-line bank account, maybe you are already accustomed to this technology.

    Maybe you want to know some of the “technicality” behind these fancy tokens:

    Maybe now, you knows everything and, maybe not. However i am not a crypto-analyst, nor a “mathemagician” but I am a mere it worker. I was interested in the physical thing also. Incidentally in the proceding of my study, I have developed some (interesting?) code in php that you can find here and, here) .

    I found this interesting page from a (former?) otp token seller: www.gooze.eu. It is an interesting text. The important things (from my point of view) are their statements about the “seed” security. Seems to me that they are not trusting anymore the whole seed management system. Maybe they know something that we don’t know (yet) ?

    However, from my point of view, this not sufficient to make obsolete this technology. But is sufficient to make me think that open techonolgies/open proceedings does it better. Maybe it is sufficient to use a “seed configurable” software otp token”. Can we trust our mobile phone sufficiently to install one of these software apps?

    Sorry to make you unhappy, but “only paranoid will survive”… Or not?

    Identification? (Identification in a networked reality: some simple words)

    Identification in a networked world is not so simple… in the real world we can count on both our sense and the “ring of trust” of friend/”trusted” persons. Into the net we can only check the provenience of the incoming requests, the omniprerent couple: “username” and “password”, the public key, and finally the callback (tipically implented sendind a “token” by sms or e-mail).

    Seems that the majority of peoples and web sites are still relying on username/password… The same method used by roman legions for their nightwatch.

    However, there are other way to identify someone/something that is web request on internet today. The above mentioned method to identify someone rely on the assumption that the identifying part have all the informations (and resources) necessary to perform the identification procedure in a correct and secure way.

    From this point will identify “the client” as the someone/something that is making web requests on internet, and “the server” as the computer that answers (hopefully correctly!) to these questions.

    So what if the server demands the identification of a client to third party ? Is it useful ? Have we some useful tools/standard ready to use?

    The answers:

    • we can semplify the identification procedures and we are no more bothered by personal data and e-mail of our beloved users!
    • yessssss! it is really nice
    • yess and you find some of them already selected and ready to be used!

    Standards (i am using the word in a quite incorrect way making confusion between standard and set of api… ) :

    In brief: I like the first two. OpenID is about authentication and OAuth is about authorization… But for this post I will treat both as the same thing :-) .
    So now we konw that we can authenticate/identify a client using a third-party service.

    (I used the third one too but it is not relevant in this post)

    A step back:
    we can identify a client if the informations given by a device in its own possession coincides with the data that we aspect… This is a quite involute way to introduce the OTP (One Time Password) and the TOTP (Time-based OTP).

    Can we have (T)OTP on OATH/OpenID? my answer is yes.

    Now remain on (T)OTP: these nice things were my food in the last two months… I loved the following links:

    So I am happy to inform you, that if you are interested to these things, in next few days i will write other posts on these things, I will publish some free code implementing a test TOTP solution, and I will try to convince some business partners to give me the permission to publish info about some nice info crypto device.

    Stay tuned!

    no encryption in ssh?

    Hi to everybody… sorry for the “latency” between the latests posts… But i was very busy on some crypto/net/social things… I really hope to show something really soon.
    For now this information: if you love ssh and use it for connection/s, file/data transfer, vpn to solve some (inexistent) routing problems, you will be aware of the computational costs of both data compression and data encryption. In some cases i have to transfer a lot of data on already secure connections using scripts referering some tools of openssh family. I really miss the ‘-e none’ switch. Good that oday i have found that i am not alone, and, that some guy implemented a set of patch to give us back this lovable switch.
    The url of this lovable thing is: http://www.psc.edu/index.php/hpn-ssh.

    I relly hope thatyou will enjoy these patch (btw i am still compiling … )

    linux usb devices problem: solved! or at least patched….

    Today i have found this article: https://plus.google.com/u/0/116960357493251979546/posts/RZpndv4BCCD… She had found a possible explanation for the issue on xHCI devices… We will see but the article seems really interesting to me … I suggest to read comments too…