Fortune and cowsay on Windows, roll out your own in Python

January 27th, 2012

I have recently created a series of video tutorials in which I explain how to create an analog of fortune and cowsay for Windows.

The software is written in Python (so it is actually cross platform), the tutorials are entry level. If you have some basic ideas about programming, you should not have problems figuring out what is going on.

My primary objective is to use it as an aid in teaching. It would be wonderful if more of my students used Python, so I hope I can point them to the videos and expose them to the beauty of the language.

There are a few analogs of fortune for Windows, but they are graphical applications that display the text in a separate window; whereas I want the messages to be shown in the console automatically.

There is also a cowsay equivalent, but I figured that since it is rather easy to make a simplified alternative of my own - I'd just use it as an excuse to create a few more screencasts.

The covered subjects:

  • how to use Python's interactive mode for experiments
  • analyze the HTML structure of a site and find the desired data
  • how to write XPath queries to extract content
  • Python lxml - how to use XPath in Python
  • retrieve HTML pages with urllib
  • SQLite - how to devise a simple database schema
  • how to use SQLite in Python
  • ASCII art, how to find images of characters and render them in Python
  • find a way to integrate the software in the Windows command line interpreter (cmd.exe)
  • putting it all together and watching the system in action

Yes, if you look well enough, you can find existing versions of these programs that run on Windows. But a screencast about running two programs is not as cool as one about creating your own, right? :-)

Have fun watching and feel free to ask questions. Here's the intro (don't forget to switch to HD quality):


Harvesting emails and other personal data from LDAP

January 20th, 2012

One of my recent challenges involves searching data in LDAP directories. After experimenting for a while, I had to test the code. The plan required setting up my own server, configuring it and populating it with some dummy data. I was not enthusiastic about it, because that would extend the scope of the experiment and take a lot of time.

But I got lucky! It turns out there are a lot of public LDAP servers that can be accessed anonymously. In a matter of minutes I was sifting through mountains of interesting data. The juicy part is that the details are tightly correlated - I don't see just emails or just names; I see the name and the email address associated with it. Depending on the directory schema, there may be other data available.

This is a great deal for spammers - email addresses are accompanied by names, and you know which country the person is from (usually derived from the c part of a dn [distinguished name]):

dn: uid=11260,cn=Berliner Volksbank e.G. CA 2004 1,o=Berliner Volksbank e.G.,c=DE
mail: holger.r*****@berliner-volksbank.de
o: FIDUCIA IT AG
c: DE
sn: R*****
cn: Holger R*****
objectClass: person
objectClass: organizationalPerson

Since many directories are hosted by universities - you can also see which department the person has joined. In this example, you can also see a timestamp that tells you how fresh the data are:

dn: uid=aaa258,ou=Students,o=New York University,st=New York,c=US
cn: Alicia A Alc****ra-Hewitt
cn: aa***8
givenname: Alicia A
surname: Alc****ra-Hewitt
uid: aa***8
mail: aa***8@nyu.edu
o: New York University
ou: Steinhardt School of Culture, Education, and Human Development
description: Student
sn: Alc****ra-Hewitt
createtimestamp: 20120120152644Z

Some directories provide information about mailing lists, which include the email addresses of every subscriber:

('cn=bosto****ociates,ou=User Groups,ou=Groups,dc=umich,dc=edu',
 {'member': ['uid=al***at,ou=People,dc=umich,dc=edu'],
  'objectClass': ['top', 'rfc822MailGroup', 'umichExpire'],
  'owner': ['uid=al***at,ou=People,dc=umich,dc=edu'],
  'rfc822mail': ['mbu***4@gmail.com',
                 'ck***eyw@hotmail.com',
                 'pjk***ner@yahoo.com',
                 'katemr***ardson@gmail.com',
                 'es***e@umich.edu',
                 'jeffreyc***ens@gmail.com',
                 'sm***rett@gmail.com',
                 'gl***on.katie@gmail.com']})

In some cases emails are not shown, but if you know a person's name, their email address can be guessed. For example, if you know my name and the pattern for addresses in my company - firstLetterFirstName dot lastName @ company.com - you can figure out what the email address is.

Phishers and spammers can exploit this - by targeting and tweaking messages such that the recipient cannot easily discern a phishy message from a real one.

Another handy aspect is that the data are stored in an "easy to use form". For example, many directories have web-based search front-ends; you can run search queries and parse the resulting HTML to extract the data. In contrast, with LDAP you just do the query and extract the data in the form of "a large, properly formatted data file" (see the example above, it was taken directly from a Python console - the emails are in a list, everything is in a dictionary).

If you think about it, you'll probably ask "But isn't this the point of a public directory?". Yes, that is what such directories are for. Unfortunately, this also exposes a lot of personal information that can be used to craft sophisticated phishing attacks.

Some directories provide phone numbers too. You can either spam these people to death with voice robots (it is easy to automate this with Asterisk), or you can rely on this information to refine your email phishing campaigns. After sending them an email, you can call - thus making the email appear legitimate. A skilled social engineer can be very persuasive.

 

On the bright side, there were several LDAP directories that:

  • imposed limits on the number of returned search results
  • denied access to some parts of the directory
  • used a GUID instead of a real name (supposedly that identifier can be linked to a person in some other database)
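
The three mitigations listed above can be checked against your own directory by looking at what an anonymous search returns. This is an added example, not code from the original post: the function name, the `telephonenumber` attribute and the sample entries are assumptions constructed for illustration, using the (dn, attributes) shape shown earlier.

```python
import re

# Personal-data attributes seen in the records above; "telephonenumber" is an
# assumed name for the phone numbers the post mentions. "cn" is left out
# because group entries use it for the list name.
PERSONAL = {
    "email": {"mail", "rfc822mail"},
    "name": {"sn", "givenname", "surname"},
    "phone": {"telephonenumber"},
}
GUID = re.compile(r"^[0-9a-f]{8}(-[0-9a-f]{4}){3}-[0-9a-f]{12}$", re.I)

def audit_anonymous_view(entries, size_limit_hit):
    """Report what an unauthenticated search of your own directory exposes.
    entries: [(dn, {attribute: [values]})]; size_limit_hit: result set was cut short."""
    exposed = dict.fromkeys(PERSONAL, 0)
    readable_uids = 0
    for dn, attrs in entries:
        present = {name.lower() for name in attrs}
        for kind, names in PERSONAL.items():
            if present & names:
                exposed[kind] += 1
        # First RDN only; a naive split is enough for "uid=<value>,..." DNs.
        rdn_type, _, rdn_value = dn.split(",", 1)[0].partition("=")
        if rdn_type.strip().lower() == "uid" and not GUID.match(rdn_value):
            readable_uids += 1
    findings = []
    if not size_limit_hit:
        findings.append("search was not cut short by a result limit")
    for kind, count in exposed.items():
        if count:
            findings.append(f"{kind} visible in {count} of {len(entries)} entries")
    if readable_uids:
        findings.append(f"{readable_uids} uid values are readable, not GUIDs")
    return findings

SAMPLE = [  # constructed entries, not taken from any real directory
    ("uid=jdoe,ou=People,dc=example,dc=org",
     {"cn": ["Jane Doe"], "sn": ["Doe"], "mail": ["jdoe@example.org"]}),
    ("cn=staff-list,ou=Groups,dc=example,dc=org",
     {"cn": ["staff-list"], "rfc822mail": ["a@example.net", "b@example.net"]}),
    ("uid=3f2b8c1e-9d4a-4b7e-8a61-0c5d2e7f9a10,ou=People,dc=example,dc=org",
     {"objectClass": ["person"]}),
]

if __name__ == "__main__":
    for finding in audit_anonymous_view(SAMPLE, size_limit_hit=False):
        print("-", finding)
```

An empty findings list means the anonymous view showed none of the three gaps; a small directory can also return everything without ever reaching its limit, so confirm the limit in the server configuration as well.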

If I ever turn to the dark side, LDAP servers would definitely be a top priority in my evil experiments.

Book distillery

January 17th, 2012

Taking notes when reading books is very helpful, if understanding and memorizing is what you want. The more times you process an idea in your head, the likelier it is that the idea will stick to you. I developed the habit of taking photos of fragments I found interesting, such that I could get back to them later and quickly sift through the notes, instead of having to go through the whole book again.

Prior to this, I used to take notes on paper, but that raised several problems - I use different copy-books, I don't always have them with me; paper cannot be searched, thus the notes had to be digitized. That takes time and feels like doing the same work again. I then tried to write the digital notes as I was reading - that didn't work well, as it kept me tied to computers. I found a better solution that is less advanced, but is good enough for practical purposes - photos taken with a mobile phone.

The photos are published online - anyone can comment and exchange opinions. This brings us closer to a "knowledge should be free" world. As a result, my friends and colleagues can get involved, and so can perfect strangers! This turns reading books into a social activity.

Distilling books is the process of extracting key-ideas from a large text. The trick is in compressing a 500 page book into a set of 50 pictures that can be reviewed in half an hour. If you've read the book in the past - these snapshots will help you rebuild the big picture; if you haven't - they will help you decide whether you want to read the book or not. For an uber-lazy person, the distilled notes can serve as a replacement for the real thing (lossy compression is better than nothing).

The tools I rely on:

  • Skitch for Android lets me take a photo, crop it and highlight the passages I'm interested in;
  • Facebook for Android lets me publish photos directly from my mobile. I set the album properties to 100% public, so anyone can view them;
  • Prior to becoming an Android owner, I took photos with a digital camera and edited them with GIMP or Paint.NET, depending on which computer was closer to me. This is very flexible, but it cannot be done "on the fly" (i.e. while I read), thus some photos were not posted because they got "lost in space". Doing everything on the mobile phone makes the process much smoother and "lazy-proof".

Here's a list of books that have been distilled so far:

  • Punished by rewards by Alfie Kohn - a book about motivation and rewards in schools, at work or at home. As the title says, rewards are actually punishments, they can seriously undermine one's performance; this applies to children and adults. The book mentions a lot of experiments, there is plenty of evidence.
  • The most human human by Brian Christian - you think you think? Think again! The author analyzes different aspects of the Turing test and delves into many related fields. The book has a lot of interesting examples, excerpts from Turing test conversations, references to historical events and old philosophers. There are plenty of jokes too.
  • Intimate relationships and A general theory of love - two books focused on human relationships: mother-child, romantic relationships, friendship, sexuality. This is a scientific book, with charts and references to statistical data.

 

All new books will be added to the "book distillery" section of this site. I will be very happy to extend this list with your contributions, please keep in mind that:

  • the photos must be public, you can post them anywhere, as long as anyone can view them without having to sign up;
  • the photos must be of a decent quality, the text must be sharp and readable.

Enjoy reading!

How to play Worms on Windows 7 x64

November 26th, 2011

If you're a fan of Worms, the classic game, you are probably asking yourself how to play it on a modern system. An easy solution exists; I will summarize the key points that steered me in the right direction.

  • Worms Armageddon is the latest version that is still being updated. I thought it was Worms World Party (it was released ~2 years after Armageddon), that's why I kept tinkering with it, to no avail. After some digging, I got in touch with one of the game's maintainers (CyberShadow, who happens to be a guy from Moldova). He confirmed that:

    • Armageddon is the latest version.
    • It runs properly on 64-bit Windows 7.
    • World Party is outdated, no need to bother with it.
  • You have to apply the latest updates to actually make it work; here's a changelog.

As a result of these operations, it works on my computers (Win7 x64 and Linux):

  • With an on-board Intel graphics card, while online forums are filled with "Intel card - no luck" comments.
  • There is no need to kill explorer.exe or employ any other form of voodoo magic.
  • It works with resolutions above 1024x768, including exotic ones - such as my laptop's 1400x1050.
  • It also works on everything else (Vista, Windows 7 32-bit, XP, etc).
  • It also works smoothly on Linux under WINE (verified on Linux Mint 11, x86).
  • My only complaint is that it requires admin rights, but I can live with that.

Now what?

  1. Buy the game on Amazon.
  2. A no-cd patch can be found on Gamecopyworld, to increase convenience.
  3. Worms Wiki - the place to learn about neat tricks that can be applied in the game.

If you know my whereabouts, I happen to have an archive that has all of the above in it, just unzip and run the EXE.

Let the battles begin!

Simple comparison of open source software licenses

November 22nd, 2011

Disclaimer: I am not a lawyer, I wrote this for personal reference. If you find some inconsistencies or incorrect statements, please let me know - I'll apply the corrections.

This article provides short, plain English descriptions of different open source license types, so you can rely on it when deciding whether a component is suitable for use in your commercial program, or which license to use for your products.

It is optimized for shortness and for being clear to non-experts.

Beer vs freedom

Free as in "beer" vs free as in "freedom" - you must've seen this a zillion times all over the web:

  • Beer - when a person says something is "free", they usually mean the cost is zero
  • Freedom - in the world of open source software, "free" means that you have the freedom to review and create derivative works. This is about liberty, not about money.
  • In fact, open source software can be sold for money, no one prohibits that. However, you must provide the source code too.
  • FLOSS - free/libre open source software - this means that you can see the code and you get the freedoms too
  • "Open source" doesn't always imply "libre" (i.e. free as in "freedom"). For example, a piece of code can be open source, but it may be an implementation of a patented algorithm, so you really can't use it unless you pay royalties to someone.


The meat grinder's dilemma

October 3rd, 2011

Although it feels like meat grinders have been around since the beginning of time, they are a relatively new toy. The first one was built in the 19th century, by Karl Drais; the same guy who created the velocipede - a proto-bicycle.

Every time I have to use one of these, I am facing the meat grinder's dilemma. In plain English:

Which way does the knife go in?

A photo of a knife and the meat grinder mechanism to which it has to be attached

Aaaaah! You've been there too, haven't you?


Six degrees of separation

September 24th, 2011

Many moons ago, if you happened to see a nice girl, it would take many weeks of "hanging out in the same area" at different times of the day, hoping that chance would intersect your paths again.

You would ruminate on that memory of her fading in and out of your view. You would keep guessing and imagining who she is, what she does and what kind of music she prefers.

And maybe... maybe, if you were a good guy (take the trash out, keep the house clean, do your homework and help your neighbors), the planets would align in your favour and you'd get the chance to have another glance at her fair face.

***

All you have to do today is sift your friends' photographs and look for that charming smile.

You will shortly find out her name and see that you have 19 friends in common. In 10 minutes you will know which other countries she visited, which movies she likes, where she studied, where and with whom she works.

If you get lucky (I did), she'll show up at the top of your news-feed, tagged in the photo of someone you know.

After a few more clicks, you might even see a pic of her handsome boyfriend and discover that she's friends with the people you were in a relationship with :-)

Welcome to the present! Mwahahaha!

Infinite regeneration trap-well

September 11th, 2011

A Railean well is a hypothetical structure designed to trap humans who chose regeneration as their super-power. Typically, this is achieved by adding ε to whatever limit the trapped person can overcome.


How to write text that is easy to understand

September 2nd, 2011

Writing requirements for practical assignments is not easy. Anyone can do it, but it takes some skill to make them interesting, challenging and fun to tinker with.

I always try to make my specs special, by adding easter eggs, pictures or hidden references to jokes related to the material. I was very glad to find out that a student from an earlier group was interested in writing assignments for the new groups. Having received the assignment, I was able to compare our writing styles and revealed some interesting deltas. I am sharing my findings with you.

The requirements for good... requirements are:

  • no ambiguity - there should be one way to interpret the text - the right way;
  • no redundancy - too much text makes the task look complicated. That's good, if you want to scare your students;
  • clear wording - otherwise the assignment becomes difficult. Not due to its complexity, but because of the convoluted representation.

This story focuses on the last requirement.


The saddest poem in the world

July 30th, 2011

I want to write
the saddest poem,
that is how I feel.

But now it strikes me
I will fail - tomorrow
will be sadder still.
