amazon's stuff!

Volete leggere Ziogianni sui cellulari nokia?
do you read this blog on your nokia ?
my Amazon wish list

Yet Another Amazing Map

Hi! are you interested in wind ? Eolic turbines ?
This is for you: http://earth.nullschool.net

It is amazing i really hope to have some spare time to study this page, and some more spare time to analyze some of the raw data… (if available).

linux and video processing on command line.

Hi got some videos to merge together. These videos was coming from eterogenous devices… Tablets, mobile phones, handycams, webcams.

I was really near to lost both my temper and command line habits. I installed some graphical video editor on my laptop… But they was not able to give me a quick and fast solution. So I returnd to my command lin habits. I have installed MP4Box (gpac package on debian ). But I solved the problem using mencoder.

The problem terms:

  • mp4 files
  • different resolutions
  • different audio

The solution:
for every video file:

mencoder file.mp4 -vf scale=640:320 -ovc x264 -oac mp3lame -o file.rid.MP4

And then:

mencoder file0.rid.MP4 file1.rid.MP4 file2.rid.MP4 file3.rid.MP4 -ovc x264 -oac mp3lame -of lavf -o output.mp4

At this point you can use/re-encode it…

  • mysql and deprecated “things”

    Hi, i was performing an update on a “centos” test bed machine.

    I was not happy to discover that an old php site was no more operational. So I was puzzled, and unhappy. The first thing that i have done was to read the log and verify that the upgrade operations gave no errors.
    I upgraded to: mysql-server-5.5.

    No errors. So what? I asked to google and so i learnt that mysql dropped and changed some things.

    “find” and “send” was very good friends to fix the problem.

    The “changed” things that have affected my poor old php scripts:

    • TYPE=MyISAM must change in ENGINE=MyISAM
    • TIMESTAMP(14) must change in TIMESTAMP

    An example: sed -i.bak '1,$ s/TYPE=MyISAM/ENGINE=MyISAM/g' .

    So now i have to check if the new behaviour of timestamp impacts on other points of my scripts…

    I will see, but it is evident that my approach to test on a “test bed” before to implement in a production system is correct.

    I suggest you to copy my approach.

    privacy and messages… (mala tempora currunt? )

    Seems that in this period, a lot of people is involved in “eavesdropping” the people’s communication. Seems that both data and voice communications are involved.

    So just now I bring you some links to some app that maybe can help you to maintain a ‘bit’ of privacy:
    (I will just enumerate these app… if possible i will give you the link on wikipedia, and please remember that i prefer open source applications when possible)

    So seems that YOU CAN DO SOMETHING TO PROTECT YOUR PRIVACY…

    About otp tokens

    In these economically troubled times (or, at least are trouble times for the country where I live: Italy) I am involved in some projects themed on otp/totp. So I have to inform myself about pros and cons of this interesting technology.

    ‘OTP Token’ seems a technoloy far away from our day-by-day life. It seems far away from us in every aspect of our life. But if you start to think about “scratch card” maybe otp tokens technologies may appear quite near. If you have an on-line bank account, maybe you are already accustomed to this technology.

    Maybe you want to know some of the “technicality” behind these fancy tokens:

    Maybe now, you knows everything and, maybe not. However i am not a crypto-analyst, nor a “mathemagician” but I am a mere it worker. I was interested in the physical thing also. Incidentally in the proceding of my study, I have developed some (interesting?) code in php that you can find here and, here) .

    I found this interesting page from a (former?) otp token seller: www.gooze.eu. It is an interesting text. The important things (from my point of view) are their statements about the “seed” security. Seems to me that they are not trusting anymore the whole seed management system. Maybe they know something that we don’t know (yet) ?

    However, from my point of view, this not sufficient to make obsolete this technology. But is sufficient to make me think that open techonolgies/open proceedings does it better. Maybe it is sufficient to use a “seed configurable” software otp token”. Can we trust our mobile phone sufficiently to install one of these software apps?

    Sorry to make you unhappy, but “only paranoid will survive”… Or not?

    Identification? (Identification in a networked reality: some simple words)

    Identification in a networked world is not so simple… in the real world we can count on both our sense and the “ring of trust” of friend/”trusted” persons. Into the net we can only check the provenience of the incoming requests, the omniprerent couple: “username” and “password”, the public key, and finally the callback (tipically implented sendind a “token” by sms or e-mail).

    Seems that the majority of peoples and web sites are still relying on username/password… The same method used by roman legions for their nightwatch.

    However, there are other way to identify someone/something that is web request on internet today. The above mentioned method to identify someone rely on the assumption that the identifying part have all the informations (and resources) necessary to perform the identification procedure in a correct and secure way.

    From this point will identify “the client” as the someone/something that is making web requests on internet, and “the server” as the computer that answers (hopefully correctly!) to these questions.

    So what if the server demands the identification of a client to third party ? Is it useful ? Have we some useful tools/standard ready to use?

    The answers:

    • we can semplify the identification procedures and we are no more bothered by personal data and e-mail of our beloved users!
    • yessssss! it is really nice
    • yess and you find some of them already selected and ready to be used!

    Standards (i am using the word in a quite incorrect way making confusion between standard and set of api… ) :

    In brief: I like the first two. OpenID is about authentication and OAuth is about authorization… But for this post I will treat both as the same thing :-) .
    So now we konw that we can authenticate/identify a client using a third-party service.

    (I used the third one too but it is not relevant in this post)

    A step back:
    we can identify a client if the informations given by a device in its own possession coincides with the data that we aspect… This is a quite involute way to introduce the OTP (One Time Password) and the TOTP (Time-based OTP).

    Can we have (T)OTP on OATH/OpenID? my answer is yes.

    Now remain on (T)OTP: these nice things were my food in the last two months… I loved the following links:

    So I am happy to inform you, that if you are interested to these things, in next few days i will write other posts on these things, I will publish some free code implementing a test TOTP solution, and I will try to convince some business partners to give me the permission to publish info about some nice info crypto device.

    Stay tuned!

    no encryption in ssh?

    Hi to everybody… sorry for the “latency” between the latests posts… But i was very busy on some crypto/net/social things… I really hope to show something really soon.
    For now this information: if you love ssh and use it for connection/s, file/data transfer, vpn to solve some (inexistent) routing problems, you will be aware of the computational costs of both data compression and data encryption. In some cases i have to transfer a lot of data on already secure connections using scripts referering some tools of openssh family. I really miss the ‘-e none’ switch. Good that oday i have found that i am not alone, and, that some guy implemented a set of patch to give us back this lovable switch.
    The url of this lovable thing is: http://www.psc.edu/index.php/hpn-ssh.

    I relly hope thatyou will enjoy these patch (btw i am still compiling … )

    linux usb devices problem: solved! or at least patched….

    Today i have found this article: https://plus.google.com/u/0/116960357493251979546/posts/RZpndv4BCCD… She had found a possible explanation for the issue on xHCI devices… We will see but the article seems really interesting to me … I suggest to read comments too…

    slide on the web

    Recently i have spent some time to search and choose a free slide service on the web.

    I have evaluated a lot of services, some of these services had a license too much complex for my needs, some other had an user interface that simply do not like to me. ..

    So the shortlist follow:

    You can find other interesting site from: http://www.webuildlink.com/presentation-sharing-sites-list/.

    Some words about my criteria:
    - i want a place where i can put my technical slides (some presentations, some projects some it-related-courses-slide)
    - i want a place where people can easily find it
    - i want a place compatible with both fdl and cc license
    - i want a really simple user interface

    Just now i have put the first slides on speakerdeck.. if you are interested in router “reconfiguration” and are able to understand italian: https://speakerdeck.com/gvieri/mie-slide-x-linux-day-2012 .

    I am testing the service… So we will see! :-)

    Floating-Point (arithmetic) and its real-life impact. =UPDATED=

    I am well aware that the “A” word (arithmetic) in title it is not a good idea… Normally it is a really bad idea. But this post seems interesting and important to me, so important that i have to put the “A” word in title…

    Before to start please make some “common ground” please read:

    So now we know that the “same” program with the same data can give different results. These difference can be related not to the programs but, to the underlying “math library”, operating systems, and different hardware.

    But these programs are really complex… how can these (interesting?) facts impact our daily lives?
    Try to imagine what happens if the simulation of your real-estate mortgage run on these affected systems. Try to imagine if one of the chemical simulation software used to verify the new drugs is affected by these problems…

    Try to imagine too if some of software used to recognize suspect’s faces are running on these systems…

    Now you can put a stop to your imagination, and maybe you can start to love bcd math libraries.

    I confess that i started to love bcd math hardware 25 years ago… I still love it. Maybe, you should love it, too! :-)

    And now a citation: “Contemplate this on the tree of woe” …

    Now after that you contenplate enough start to read this: https://randomascii.wordpress.com/2013/07/16/floating-point-determinism/

    …. This article probably contains both the best explanation of the problem, and contains some part of solution too.