Category: Nerd Stuff

April 1, 2016

A Modest Shitpost Proposal (Or, Shitposal)

I’m blown away by the vigor that the SCP community jumped on the Crack Fiction Contest with. I’m not sure if it’s because it’s allowing for low-level funny posts, or because of the super-short notice, less than a day to go from title to execution. Whatever the reason, there’s a lot of latent excitement there. I am thus wanting to seriously consider a spin-off wiki that does nothing but short-term events, for a couple of reasons.

Firstly, these contests are incredibly disruptive when we do them on the main wiki. It positively fills up the newly created queue, drowning out unrelated mainlist entries and tales, drowning out requests for critique, and generally derails the site for the duration of the contest.

(Note, I am not advocating that there should never be contests on the main site, just that when they occur pretty much nothing else can.)

Second, some people just work better with a writing prompt, and there’s really no limit to how the prompts can work. It will result in an altogether different content then what’s on the main wiki, and logically they should probably be separated as people looking for one type of content aren’t necessarily interested in the other. This is a similar reasoning to the aborted attempt to run regular fuel contests on /r/scp which would become a writing prompt, ultimately axed because it would be too disruptive to do on the main site regularly (see the first point) and Reddit wasn’t a good place to host the content.

Third, it will give me a good way to get live Admin-level access to a working, active wikidot wiki to better build out PF, should the time come that we actually incorporate. I have put out there that I will not continue development of Project Foundation until … (More) “A Modest Shitpost Proposal (Or, Shitposal)”

March 18, 2016

Ransomware is the future.

(crossposted from bluesoul.me)

When I first started fighting ransomware in late 2013, I had a premonition that this was something serious. While CryptoLocker was rather easily defeated in the enterprise and ultimately killed by killing the botnet, media outlets and tech sites ran with the story. It showed this small group making millions and millions of dollars. Guess what? More people started writing ransomware.

Cut to now. Ransomware-as-a-service is a real thing you can buy, some variants have live chat support to receive payment, and we routinely see new versions with bugfixes and feature-adds. One of the last major flaws in ransomware, the inability to enumerate non-mapped network shares, was overcome in the latest Locky build that calls WNetOpenEnum() to attempt to traverse every share on the network.

For several years, the endgame was more abstract. Hit the PC with your rootkit, join it to your botnet, sell botnet access to spammers for a fee. Now they can cut out the middle man and have less overhead, since there’s not a need for constant command-control oversight. It’s a path to riches hampered only by the still-high knowledge barrier to acquire and send bitcoin. And by affecting the user’s files, rather than a popup about the FBI or TotesLegit AntiVirus which can simply be fixed by backing up the data and nuking the PC, you’ve got them at your mercy.

This is going to get worse way before it gets better. You’ll see builds that try to invoke APIs for popular cloud storage providers to delete the versioning. They’ll find ways to avoid taking ownership of a file to quickly spot the vector of infection. While it’s almost impossible to be truly proactive to effectively block ransomware, there are things that can be done.

  • Avoid mapping your drives and hide your
(More) “Ransomware is the future.”
March 10, 2016

Wheneverly

As I alluded to in my last entry, I tend to become fairly worthless if I miss self-imposed deadlines, even when they’re for things that really never needed to be on a deadline. Sometimes I can get around it by using the concept of “updated wheneverly.” On the bright side, I function pretty well in that setup. A significant problem, though, is that I end up with a lot of projects, all updated wheneverly.

In no particular order, here’s some of them:

Funcrusherpl.us – I overreached on this one initially and kind of got stung by a shitload of work. I got some good encouragement to get back into this by Ander Other, and it’s kind of fun to follow along with the release cycle.

bluesoul.me – Hey, I just launched this one! IT articles posted wheneverly. Sometimes the inspiration hits at work and off you go.

imissgrantland.com – This is one of the smoother launches I’ve ever had. Totally automated service that lots of people are enjoying. Those are ideal for me, people keep enjoying it and I don’t have to do a damn thing. Damn shame that Kimono is gone.

iskbook.com – This did technically work, but it needed a little more automation, and more sports offered. This was, for the uninitiated, a sports betting site playable only with the in-game currency of EVE Online. A related site that I wanted to get going, papersportsbook.com, is a betting site where you bet play money and see how well you do.

ogregamelabs.com – Great idea at the time. Unfortunately it takes way more free time than I actually have to do it in the way I envisioned.

statsonstats.net – This one is going hand-in-hand with a deeper education in statistics, as they can be applied to the NBA. The … (More) “Wheneverly”

September 16, 2014

Building a Skybot reddit module.

Perhaps I’ll update this with what’s been going in my life if there’s any interest. Anyway, I’ve been working with python and with a little help from /r/redditdev I designed a module to check regex (in this case, from IRC chatter) for a link to reddit and go get metadata about the link. This is for Skybot on Python 2.6 or 2.7.

import json
import urllib2
import time
from util import hook
import re

reddit_re = (r'.*((www\.)?reddit\.com/r[^ ]+)', re.I)

@hook.regex(*reddit_re)
def reddit_url(match):

jsonlink = match.group(0) + '.json' # retrieve JSON-ified version of link
req = urllib2.Request(jsonlink)
req.add_header('User-agent', 'Python/Putyourbotnamehere-1.0') # Reddit wants us to use unique user-agents. OK.
response = urllib2.urlopen(req)

data = json.load(response)
submission = data[0]['data']['children'][0]['data'] # Dig down to the relevant bits.
self = submission["is_self"]
if self == True:
url = 'http://redd.it/' + submission["id"]
else:
url = submission["url"]
title = submission["title"]
score = submission["score"]
author = submission["author"]
timeago = time.strftime("%b %d %Y %H:%M:%S", time.gmtime(submission["created_utc"]))
comments = submission["num_comments"]
return '%s - \x02%s\x02 - posted by \x02%s\x02 %s GMT - %s points and %s comments' % (
url, title, author, timeago, score, comments)
(More) “Building a Skybot reddit module.”

January 27, 2013

Resolving VMs not getting a DHCP address from a DHCP server VM.

I’ve been slacking in keeping the blog updated, I’ve started several new projects and work has gone from 25-30 hour weeks to constant 40s. I’ve taken some time for self-enrichment by setting up a PowerEdge Server as a virtualized test lab using Hyper-V Manager and SCVMM 2012 on Server 2008 R2. I am trying to get away from using Small Business Server and actually work on breaking out the server services to dedicated virtual servers. The first one, by necessity of wanting to use workstations in a real-life use case, was a DHCP server on a Server 2003 R2 Standard VM.

WARNING: I am a pre-MCSA know-nothing with regards to virtualization. My first time messing with Hyper-V was about two weeks ago, so if this is common sense to most of you, that’s why.

It appeared to be functioning properly, but I had a problem. If my workstation VM’s NIC was pointing to an External virtual network, it would not get a lease. If I set the IP statically, it could surf the Web and do all the stuff it needed, but if I set it to get a dynamic IP it would never contact the DHCP server. If I set it to an Internal virtual network, it would get a lease, but couldn’t get online. If I added a 2nd NIC and made one Internal and one External, I was no better off as I still had to set the External IP statically.

The issue lies in how the virtual NICs work in relation to the hierarchy of virtualization. When you create an External vNIC, it unbinds everything from the physical NIC but the VM NIC platform, and creates a new NIC on the Hyper-V server. This is important, because that External vNIC is what determines the connectivity of … (More) “Resolving VMs not getting a DHCP address from a DHCP server VM.”

April 30, 2012

Ogre Game Labs: A Proposal

(This is intended for one person, really, but I thought I’d put it on here so you all could see a new project I’m wanting to work on and maybe express some interest.)

Myself and several other members have a particular interest in designing games, and enough new online tools have emerged recently that I want to pursue the thought of an extension of the OGREs. The Ogre Game Labs would be something a little different from a traditional chapter, as membership in it would be as temporary or permanent as the OGRE choosed, though they would need to first be OGREs to make use of the Game Labs.

The Ogre Game Labs has a few immediate goals and a few stretch goals. Immediate goals are:

  1. Provide a resource for game designers to get support in the designing of their game, through (mostly online) playtesting, consulting with other game designers, working with people that have experience in online game designing tools such as Vassal (www.vassalengine.org), Roll20 (www.roll20.net), and Magic Workstation (www.magicworkstation.com).
  2. Provide a way for gamers to get involved at the ground level of new games and designers/design teams. They can find a game concept that’s of particular interest and volunteer to playtest games, or find a group with a similar schedule. One resource will be that all OGREs will be able to set their availability by day of the week, and this will be public. By joining the Game Labs you opt-in to being contacted by designers who are available when you are.
  3. Answer some basic questions on copyright law as it pertains to card, board, and video games. Not legal advice but links to useful resources on how you are protected (and not protected) as a game designer.

Some stretch goals are:

  1. Provide connections to artists, graphic designers,
(More) “Ogre Game Labs: A Proposal”
April 6, 2012

How to install Windows XP SP3 on Mac OSX Mountain Lion and get drivers, too. [updated 3/2/16]

This has been far and away my most-read article ever. Thanks for reading! If this saved you a couple bucks of your time, consider donating via Paypal or via Bitcoin to 16FCWbn1wSpgn3a5mcjXRAYGYRQ5MW3qv5.

I considered various triple and quad boot options for my new (to me) MacBook Pro, but eventually decided on a simple dual-boot, OSX Lion and Windows XP.  If you’re reading this via a Google search, you likely ran into some problems too.  If you have been trying to do this without involving Boot Camp at all, bear in mind that even with all the drivers technically working you’re not going to be able to do things like use the multi-touch trackpad, use the function keys on the keyboard, etc.  Don’t worry though, this is an end-to-end guide on what to do to get XP running on a machine running Lion, complete with download links.

5/2/2012 Edit: From the comments I can pretty safely say this doesn’t work on  2011 Macbook Pros. Sorry, it’s likely due to them using new hardware not accounted for in the Leopard driver pack. If you can find a way to make it work, please leave a comment.

9/7/2012 Edit: It sounds like this works for Mountain Lion as well, as it should. This should work for all OSX releases for the foreseeable future, but will likely not work on newer hardware. We’re using hardware profiles from Leopard, and many chips and cards used since simply didn’t exist then.

3/2/2016 Edit: Hoo boy, this thing still gets traffic. Since Windows XP is no longer supported, and is a positive magnet for malware now, I really don’t recommend you do this anymore. Only if the XP installation is not going to access the Internet. However, the links to the driver packs and such aren’t … (More) “How to install Windows XP SP3 on Mac OSX Mountain Lion and get drivers, too. [updated 3/2/16]”

April 1, 2012

Read My Lips, No New Fart Apps

I took the plunge, bit the bullet, followed the crowd and clichéd all the clichés. I bought a Mac, specifically a MacBook Pro from Late 2008. I’ve already pre-emptively deleted a paragraph that sounded like gushing because I’m honestly very impressed with OS X, moreso than I expected to be.

Anyway, the reason I’m writing this post is that I bought this thing to write iOS apps on, and I’ll be sharing my experience learning, debugging, testing and (probably) swearing with all of you. I hope it is informative to some of you, because I’m coming from a background in function-oriented PHP. It has done everything I needed it to do, and while OO programming is definitely cleaner, more secure code, I have seen little appeal in such a mental overhaul of my approach. So I approach this with no small amount of trepidation, the tutorials I’ve read so far haven’t really clicked with me yet, and I still feel out of my depth. I have one app I’m going to be working on right away, the series of posts will be mostly unfiltered, I will be learning, breaking things, and fixing things from post to post, so you get a feel of what I’m going through; my reasoning for this is that I know I’m not the only one making this transition from function-oriented PHP to Objective-C and Xcode.

The first post will be up before Friday, dealing mostly with Xcode and my understanding of things going in. I’m also revealing my studio name (obviously an important step in being an iPhone millionaire, much like how “writers” will have a grand story in their head, but when you ask “oh, how far along is the book?” they respond with, “Well, I haven’t actually written anything yet, but that part’s … (More) “Read My Lips, No New Fart Apps”

February 7, 2012

The Toolbelt: Some of my most-used code snippets for PHP, MySQL, HTML and CSS.

I’ve meant to work on this for quite a while. These are some of my most used code snippets to shorten a process, handy workarounds, pieces of code I need all the time or other such things.

HTML: The Meta Redirect

Use case: You need to redirect someone to another page, and don’t want to bother notifying them.

Code: [code][/code]

Advantages: Silent, works cross-platform, timer can be set (in whole seconds) by adjusting the 0 in content, will work in the body even though it’s a meta tag.
Disadvantages: Breaks back buttons.

PHP/MySQL: Quickly process and sanitize form data.

Use case: You’ve just accepted a form and want to easily work with the data, and escape the data to prevent SQL injection attacks.

Code: [code]foreach($_POST as $key=$value) { $$key=addslashes($value); }[/code]

Advantages: Saves a lot of repetitive entering of $_POST[‘element’]. Instead you just use $element. Also escapes the data early on so we don’t forget further along in the code.
Disadvantages: You create a lot of variables instead of one array. Your array isn’t actually destroyed, just copied. The idea is that the backend is working primarily with this POST data so making a lot of variables isn’t an unwanted thing.

PHP/MySQL: Save an if statement on every mysql_error() check.

Use case: You need to use mysql_error() function to handle errors in your SQL statement.

Old code: [code]$result = mysql_query($query);
if(!$result) { die(mysql_error()); }[/code]

New code: [code]$result = mysql_query($query) or die(mysql_error());[/code]

Advantages: Reduces risk of typos breaking your page, cleaner.
Disadvantages: No known disadvantages.

PHP/MySQL: One standardized method of DB querying.

Use case: You want to get in the habit of one naming scheme for your MySQL queries, and don’t want to go the OOP route.

Code: [code]function doQuery($query) {
$result = mysql_query($query) or die(mysql_error());
return $result; }

…… (More) “The Toolbelt: Some of my most-used code snippets for PHP, MySQL, HTML and CSS.”

December 27, 2011

Pie to Finger Ratio

I thought it would help me focus if I wrote down all the web projects I’m working on now.

Project Havana: Lot of work to go, got some pretty jQuery animations going on but very little content. Lot of data entry to go, but I feel like this project has the best odds of being monetizable. (Is that a word? It is now.) Day-to-day investment of time seems like it could be quite high for a while.

Project Xenon: Data entry’s done, and hell a lot of the code from Project FAST is reusable. jQTouch is still eluding me with regards to passing data across the POST in PHP and still getting those pretty animations. I need to buy that peepcode screencast and get it over with. If I had a week to knock this out it would be donezo. Not much oversight needed once the code is stable, especially when I’m not expecting much of an audience.

Ogre Game Labs: Pretty much from scratch. I think the stuff you learn from Project Havana will pay off here, because you’re gonna want that asynchronous data transfer. It’s a must, actually. So get Havana up and going, spread the word in the channels where you’ll get an instant audience. Then re-evaluate how much of this you can do. Day-to-day is a real wildcard, as is the eventual size of the audience. Main competitor is only about 5,000-6,000 registered users but up to 200 concurrent sessions. That’s serious stuff, but we’ve got a level of flexibility that they don’t. I think.

Ogre Lair: Operational. Needs customization and getting moved to the correct domain. I like that I’ll be able to hand the day-to-day of this one off.

Paid job for IPC: Mostly data entry and their calendar left.

Paid job for AUMC: … (More) “Pie to Finger Ratio”