x509 Certificates

How do you create a self signed certificate (for SSL) that (don't know how best to put it) carries it's password with it. It is just for testing, I just want the certificate the be used by the server in its call to AuthenticateAsServer. I (eventually) was able to create a self signed Root Authority certificate like this:

makecert -n "CN=Test Root Authority" -r -pe -ss my -sr LocalMachine -sky exchange -sp "Microsoft RSA SChannel Cryptographic Provider" -sy 12 TestRootAuthority.cer

and from it create a self signed certificate:

makecert -n "CN=Test Certificate" -in "Test Root Authority" -pe -ss my -sr LocalMachine -is my -ir LocalMachine -sky exchange -sp "Microsoft RSA SChannel Cryptographic Provider" -sy 12 Test.cer

Which works, as long as the server runs on a machine where the certificate is installed in the certificate store. It will not work if I try to just use the Test.cer file. That gives me:

The server mode SSL must use a certificate with the associated private key.

Regardless, I am still seeing the http connection attempt (that I am assuming to be a revocation list check or something) that I am trying to avoid. (thread on microsoft.public.dotnet.security)

Oh I don't know...

Spoke too soon!

None of the file operations work from the search results window.

I get “Interface not supported” errors... which I think could have something to do with it being a removable drive (or at least something to do with my specific removable drive) because I can't reproduce the problem using local folders... Grr...

Too late to start looking up error codes now.

Hey now that is cool.

Or: If you can look past the UAC prompts every time you do something outside of your Documents folder there are some neat features hiding there.

I was just looking at some files on my MP3 player. I was going to move some files that somehow got put into the Unknown Artist folder. I went into the folder where there are about five albums that must not have had the right artist info when I synced them.

Neat feature 1: The folder was being displayed as icons (I have not set up all my folders for view as details yet like I normally would...), go into the view dropdown (not sure that I like the fact that in one fell swoop we have decided that the menu bar is a bad idea...) to select details (so I can see the names better). What do I notice but there is a little slider on the left. I wonder what that does? It seems that (as vista is all vector icons and all) you can choose not only small or large icons, but 'any' size from small to HUGE. (We're talkin’ “My screen can show four icons at once” kinda big).

(Really) Neat feature 2: After playing with the icons for a bit. (“Look they're big. Ooh look they're small. Biiig. Widdle. Biiig... Weee” Ahem.) I right clicked on the ‘folder’ over on the left. (here again I don't like the look of that area, don't like the fact that there are no + symbols to tell if a folder had children... maybe you can turn this on somewhere?) Where is Search... Ctrl-F... no, that seems to try to execute a ‘crumb’ or something, which fails with an error and a tasty sounding *bung*. Where is the damn search. Well I'll be... There is is up there in the top right corner (just where it is in Explorer because I did not disable the search and install Google toolbar - trying the get the full Vista experience before I decide to replace everything with 3rd party tools.) And my doesn't it work well. Searching as I type... I like. Really. Search used to be bad on early XP, and then at some point it got totally fucked up (stupid search wizard, make me press back, sometimes I can't go back grr.) But this integrated search seems to work really well.

I like.

ASUS = ASUckS (for online software updates anyways)

One problem that I have with my new machine (other than not plugging in all of the power connectors at the start...) is that I am getting a μCode error on POST.

Seems like the BIOS needs to be updated for the latest Intel CPU stepping. Fine, no problem, I can do that.

Friday: Just go on over there to the ASUS support site... Hmm page not working. Saturday: Cool, page is up, search for P5B Deluxe, click on the WiFi edition... Click on downloads... hmm timeout. Saturday afternoon, Sunday: Nice, the downloads page is working now. Find the latest BIOS, there, download from USA - nope timeout, Global - instant timeout, Europe? - nada, China, Japan? - nope and no. Grr. Today: Yeah hay! It works... Well... from the Europe link anyways... But they (6.6MB, 9.6MB, 4.3MB) are downloading at 3.3KB/sec...

This is gonna take a while.

Gimme my gestures back!

Dammit.

Having installed Vista over the weekend I have to say that it does look kind of neat. I also have to say that I really fucking hate having to authorise every action two (or three!) times. The only way that I see to avoid this is to disable UAC after which Vista throws up it's hands and says “okay, no security for you!” and lets any application at any authorisation level do anything. Surely MS can do better than this? You mean to tell me there is no way to tell if a program execution or a file system change or any number of other things is initiated by a direct user interaction or by another running process? Damn.

If it is by a user interaction I should be able to say “You know what? I know what I am doing, if I double click on something I really, really (yes really) mean that I want to execute it.” “Yes I know that is a system file, yes I really want to delete it”. If it is the web browser or something trying the same trick, go ahead and warn me, but otherwise... stfu, ffs.

Worse, my favourite utility ever does not work on Vista. StrokeIt! Oh no! I need my mouse gestures. See, I usually use the mouse with my left hand, and as such ctrl-c ctrl-x etc are just a bit hard to do (without moving my hand from the mouse to the kb back to the mouse each time, and ctrl-c with the right hand is just out of the question), so I use mouse gestures. And let me tell you once you start with the gestures - you never go back. It is just so fast and natural that it really should be a system service. Dragging could really be considered the first ever gesture, it's just that no others followed after. Eg. I use drag up as copy, drag left as cut, drag down as paste. I have little squiggles that I use for inserting comments into source files etc.

I miss you StrokeIt, I hope the developers find the time to update for Vista (could be a mammoth task from what I have seen of the complexity of Vista’s API)

Broadband piggybackers

One other thing that I will be replacing this weekend is my WRT54G wireless router. It seems to be a bit fried, keeps loosing wireless functionality, appears a bit slow. So, they are cheap, I bought a new one.

Anyhow, I was just looking around in the setup of the old router (which I had flashed with DD-WRT actually - undecided whether I will bother again...) to make sure there were not any funky settings that I should note down. What do I see but the list of clients. There are two hosts there that I don't recognise(1). Heh, neighbours piggybacking my broadband... Well, one of them is not connected, and the other has about 11% signal to noise ratio - so they can't be having fun. I was just wondering though... If you were annoyed at your neighbours using your connection(2), maybe you could configure them into the DMZ. The DMZ in case you don't know, is the ‘demilitarised zone’, which means they are totally open on the internet. Normally our machines that are behind the router have only a NAT connection to the internet and thus most incoming requests are blocked by the router. So you accept the consequences if you forward a port from the router to your machine. Putting someone in the DMZ however, forwards all other ports (not forwarded elsewhere) to that machine. I wonder how much that would suck.

(1) Actually it's weird, one has 3 associated MAC addresses and the other has 2.

(2) To tell you the truth, I couldn't care less. I did have it secured before just for the fun of it, but in the end if someone really wants onto your router they can pretty much have it anyways. All the security really does is make it annoying for your friends and flatmates to use the router.

Delivery

Well the last of 3 boxes arrived from NCIX yesterday (other stuff that was out of stock in Vancouver which I ordered from SohoDiffusion here in Montréal was delivered on Tuesday). Nice and fast, everything seems to be there. Should do the build tonight. (Was very tempted to do it last night but needed to sleep) I am taking the day off tomorrow so tonight...

The Thermaltake case is quite neat looking for a cheap case. I should have waited a few days more to order the Microsoft keyboard - I saw their nice laser 6000 desktop just the other day for not much more than I paid for the comfort curve + optical wireless mouse. The Sapphire graphics card is huge and heavy. The Intel core duo is a bit smaller than the last Intel chips that I installed - P3 1GHz (into a dual processor machine 6 or more years ago). Plus it seems to have no pins, looks like it must be those little balls - I have not looked too closely.

So what do I think I need to buy still... 5.1 Headphones, Extra 500GB HDD(s), Wacom tablet, Games! (Oblivion, FEAR, ...) Bye bye weekend :)

Les yeux bridés

André Boisclair’s use of this term, meaning “slanted eyes” to refer to students (at a certain university) of Asian descent has caused quite a stir both locally and further afield. (M. Boisclair is the leader of the Parti Québécois)

He claims that in French the term is not derogatory, and that he uses it all the time without considering it a racist epithet. Other people here have said similar things to me over the last few days, and I have a few thoughts on the matter.

Firstly, how a term is considered by those who use it is probably not a good basis for judging the term offensive or not. Not too long ago it was natural and normal to refer to black people as 'niggers', to call black men 'boy'. Most of the people guilty of this would probably have also claimed to not see the offense in their words. 'Slanting eyes' was once considered the be inoffensive in English also. Perhaps if ‘yeux bridés’ is not now regarded as offensive, it should become so for the exact same reasons for the change in English. Secondly, it is not really the words (their exact definition nor nuance) that are the problem. It is the objectification, the focusing on characteristics and making generalisations designed to segregate the population into ‘us’ and ‘them’. It may not be that the word ‘bridé’ is offensive, but I assure you that calling out different groups by their attributes (physical, mental, spiritual, sexual, etc) most certainly is.

Mr “I am not a racist but” Boisclair, you do a disservice to your cause with your words, and more so by your self-defence after the fact. Let us not revisit hard fought battles of old over words - if someone is offended by your words, consider them offensive. Admit that you, as a white male in modern society, have ingrained racism (sexism, etc.). Racism that we all have been indoctrinated with from our earliest experiences. I feel it in myself. We are indefensible on that front. The best we can do, all that we can do, that which we must do with every ounce of strength within us it to fight these tendencies of ours, curb our words and deeds (as we can but hope to curb our thoughts). Then perhaps there is some hope for generations future. Hope that they will have not the slightest idea what racism might have been. It is the only way.

Do something!

And yes, doing nothing is also doing something. (Thanks Seth.) Though one could argue that it is perhaps not the right thing...

Will Durant said:

One of the lessons of history is that nothing is often a good thing to do and always a clever thing to say.

However I don't think one should get too hung up about being quite that 'clever' all of the time.

It is not slack that I lack Jack.

Polar(ised) fleece

I tend to be positive during the winter time. Positively charged that is.

I wear polar fleece most of the time and I find that I get a lot of shocks off doors and chairs and people. I just gave someone here at work a wide berth for fear of having all the dust-bunnies, pubes and cat-hairs stuck to his polar fleece leap across onto mine should I venture too close.

C# Reference types pass by value

(file under “stuff that I knew and forgot but wish I hadn't and probably won't ever again”)

Parameters in C# are, by default, passed by value.

That means that your function cannot modify the value of its arguments. You pass it an int i = 2 and even if internally it does i = 3, once the function returns you still have i == 2.

However for reference types, pass by value does not mean what you might think it means. A reference type is basically a memory address. That memory address is passed (sure enough) by value - the function cannot change the location of your object. But internal to the function the reference type is still pointing to the same location in memory. Thus any changes to the object within the function will be reflected in the calling context - the function will have side effects.

So what do I find in some of our code today?

void function (User user){

    User localUser = user;

    localUser.SomeProperty = "Not the value that you were expecting haha hoho";

}

Hrm. My calling context's value for SomeProperty is not what I was expecting. Seems someone had realised that the reference type was going to cause problems... “I know, I will make a copy of it and change that.” Unfortunately that will not work either. The assignment operator copies the value of the reference type (the memory address) not the object itself. I.e. it is not a deep copy.

How do you fix this? You make a function that performs a deep copy, and call it from within any function that receives your reference type as a parameter.

A good place for this function? A copy constructor. An overloaded constructor in the reference type class that takes one argument - a reference to an object of the same type. Then copies all of the properties to the new instance.

class User{

    public string UserName;

    User(User existingUser){

        UserName = existingUser.UserName;

    }

}

How do you enforce the “no messing with my data” rule? Well, the only thing that I can think of is “If you don't want people breaking your toys, don't lend them out” - only let them have a copy.

function(new User(MyUser));

What does explicitly telling a reference type to be passed by reference actually do? Not much as far as I can see.

Would it be nice if passing a reference type by value did something closer to what you might expect? (Could be done by internally making a deep copy of the object at the time of the call) Possibly.

Will I ever forget that “Reference types are always modifiable when passed as parameters”? I wish I could say no.

π

Happy Pi day.

3.141592653589793 is about as far as I can get

Pi Day

Me: "Hey, Wednesday is Pi day."

Computer Programmer: "Huh?"

Me: "Well, you know, March 14th. 3.14... We should celebrate at 1:59 hehehe"

CP: "Oh! Oh Pi! Yeah! 3.141516161616 all the way to infinity!"

Me: "Uhh... yeah."

Bang Bang

Breaking Open The Head is a wonderfully personal and earnest work on contemporary shamanism, visiting various realms of mind and spirit by way of the psychedelia of the 50s and 60s through to the present day.

Pinchbeck relates to us the story of his personal experiences with several sacred plants, revealing to us some of the insights granted him. Insights into the structure of the natural world, societies past and present, the lost ways of the ancients and humanity's future (fixed or otherwise).

I bought this book after seeing him on The Daily Show plugging his book 2012: The Return of Quetzalcoatl which after some inspection in the bookstore looked just a mite too much the tripped out ravings of a loony. Having now read his earlier work, I am going right back to get the other one. Not that I think he will convince me of the existence of the spirit word, but that I no longer assume that that is his intent, and that at least it will be well written and coherent. Really has me wanting to go back and open that door once again. Maybe even turn on the light this time...

Price Match

Well, well. All approved. I am impressed, and elapsed time of only 2 hours.

So far NCIX are making me happy!

Not the cheapest around, but what does that matter with price matching. Plus you can play breakout on the main page. Sweet.

Blogger editor

You suck too! Geez. I'm using it for 5 minutes (these three posts) and I already hate it. Mind you I imagine (hope) that it is configurable... or at least fixable with Greasemonkey.

Current list of peeves (not bad for a couple hundred words worth or use):

• no plaintext paste
• nasty formatting is kept even when you backspace it away
• anchor tag remains open if you link to the very end of the currently entered text

Why not just use the gmail editor? Is it just that I have never noticed these problems in gmail? Maybe I will go check that out - I don't usually bother formatting links that I sent to people.

Doubleclick

I was just at nytimes looking at an article about some guys' computer game canon and found something really annoying.

They have their doubleclick mapped to some useless contextual dictionary. Now I quite often doubleclick a word to highlight it to keep my place, I click around on stuff and sometimes accidentally doubleclick something. Why does the New York Times want me to stop doing this? Why use doubleclick anyway - it means that you can only search (reliably) for whole words, not for names, or words broken over multiple lines. No I don't need the definition of "at", nor that of "of all time: Spacewar! (1962), Star Raiders", thanks all the same.

If you really want to put this kind of reference on your site, do something nice and have a context menu when the user highlights a word or phrase. That might be useful.

Also, the lookup feature is not enabled in the actual "powered by Answers.com" dictionary - where it might actually be useful to drill down on other words that are unfamiliar. Well done.

I note also that there is an upwelling of support for this new tool.

Painless

Blogger to Google blogger. Simple as that: painless. I like Google.

Buying a computer from NCIX.com. Seems okay (just did it). Using their price matching feature... We will see if all my selections were "approved". Here's hoping.

Nearly 2 years no blogging. Painless? Sure.