Anyone Else Tired???

So, this is my "on-call week" for week.  That means I need to be available constantly from 8AM Monday through 8AM on the next Monday to fix things at work.  Usually not much breaks; us programmers don't like to piss-off the other programmers when they are on-call by writing shit code.  And...  none of us want to get 'the call' from any of our bosses.  Seriously, we are all professional and most of us have worked where I am employed for the last fifteen years.  Personally, I am at nineteen years later this year.

Anyway, being on-call occasionally requires waking up at any hour of the night to fix something that is broken.  Two nights ago something little broke at about 5AM.  It was a simple repair but I couldn't go back to sleep.  Last night I had trouble falling asleep and this morning had to wake up at 4AM to assist with a software roll-out.

I'm tired.

Over the years I have created a list of activities that are verboten on days such as these.  This list includes: buying things online; bidding on items in online auctions; signing anything important; investing; handling power tools; motorcycle riding (or bicycle riding for that matter); boating; building bon-fires and working on the household electrical system.

This morning I added another item to my list of verboten activities...  updating computer operating systems.

I foolishly thought updating my Debian Linux machine would be a no-brainer...  Log on as root and apt-get update and then apt-get upgrade.  Several packages did indeed update.  Even saw a few comments about a kernel upgrade.  No biggie.  I just sat back, focusing on my coffee and the software rollout, allowing the upgrade to continue.

Coffee break.  I check the upgrade and YEA, it is complete.  I then start  my backup script; just a mount and then a call to unison.   BBBZZZTTTTTT!!!!!!!  I see an error...

mount error: cifs filesystem not supported by the system

You see...  I have a Verbatim NAS I use as a hot backup for all my PCs.  My Linux backup script simply uses mount to connect to the NAS and unison to perform the backup.  After the update/install it was just not going to work!  I scrambled...  My Windows machines could connect to the NAS.  My other Linux computers could connect as well.  I was pissed.  I searched and poked and tried different things for hours.

Then...  after several coffee's and a few ef-bombs, something occurred to me...  I hadn't rebooted the machine.  Shit!  I rebooted and SHAZAM, all is good in my Debian Linux world.  Nap time... that's allowed.

What to do with all that speed???

So, computers based on quantum physics are already being planned, designed and in some cases even being created.  The electronics used in quantum computing do not rely on relatively slow semiconductors; they use near instantaneous quantum technology.  No, I don't know the details, but I do know that once some developers get access, there will be abstractions upon abstractions upon abstractions built, to the point where a quantum computer will perform about as well as a 80386 running OS/2.

A Base-64 Decoder That Works!

Let's face it...  debugging ASP.NET production websites can be challenging.  HTML sessions are 'stateless', meaning from one post to the next, the server has no idea what post came first.   For example, let's say there is a website that prompts the user for their name on one page, and on the subsequent page the user is prompted for their address.  Well, the server has no intrinsic way to join the data together from those two pages to save it all in a table somewhere.

Web scripting language use various methods to store this state information.  Some use cookies to store the data from one page to another.  Some use a unique key, placed into a cookie, or in the URL as a parameter to retrieve the data from an internal 'session store' on the server.  ASP.NET can save the session state several ways.  One way to save part of the session state is in something called a ViewState.  This is basically the state of a page; just part of the entire session state.

Well, this ViewState is stored right in the web page as a 64 bit encoded string.  It's not encoded but definitely looks that way.  It's unreadable without a decoder.  Anyway...  If something is stored in the ViewState, programmers can have a bitch of a time trying to pull it apart and see the data.  But...  This information can be invaluable to debugging a production problem.   There are varied ViewState tools on the web for decoding this gobeldygook into something that is somewhat coherent.  I use Base64 decoder and encoder at motobit.  It's simple and works.

So, Trump Is Our President

What the hell is this company coming to???  Think I will create a series of these...  Share as you wish.  Some may not be safe for work; you have been warned!

Simple Is Still Simple

Yes, contrary to the conventional state of technology and computer programming, simple is still simple.  Well, at least it should be.

Quite frequently I read different articles about programming in an attempt to maintain professional relevance.   Some are well written articles on good programming techniques.  Some are poorly written but the core material is still good.  Some are well written pieces about some fluff fad and then there are occasionally the poorly written article about some programming technique or library or concept  that has 'bad idea' written all over it.

Solution to DDOS Attacks from the IoT

Last Friday, October 21st, the company DYN was the recipient of a rather massive DDOS (Distributed Denial of Service) attack.  Companies and tinkerers won't like this simple solution because it causes them to do a little extra work.  If this potential solution doesn't solve the problem, it would certainly mitigate it.

It's simple.  For those old enough to recall free AOL disks, remember how many included an account password printed on the CD/disk case?  Well, the same thing could be done for IoT devices.  Manufacturers of these things could simply print two random English words on a label and stick it on the IoT Device.  This password is burnt into the device as its factory default.  There is no standard factory default.  Let's face it...  The bulk of people using and installing IoT devices either don't know there is a password on their new-fangled refrigerator, or they just don't care to change it.

Seriously

water-wood
january-carolina
protien-curious
wrecked-quipped

These passwords would be so much better than admin or system or the ever-popular password.

Mouse Peep in a Snow Storm - or - How NOT to Operate QRP

So...  On last Sunday (2016-10-16) there was a little ham radio contest called the "Illinois QSO Party".  Yes, I am a licensed amateur radio operator, and have been continuously since 1983.  Since then I have talked to folks all over the world  from my car or home office, completely without this new-fangled thing they call the internet.

Anyway, my wife and I went to the Peoria Ham Fest several weekends ago and I bought a late 1970's Yaesu FT-7.  Sure, I would have preferred my favorite, an Icom IC-706, however my play-budget is currently quite limiting.  The Yaesu was only $200; the Icom runs around $700.  Add another $100 for antennas and other accessories, and the Icom will simply cost far too much right now.  At any rate, for $300 I purchased a rig and enough wire and coax to make antennas for the 80, 40, 20, 15 and 10 meter bands.

One thing...  The FT-7 is considered a QRP rig; that means 'low-power' for you non-hams out there.  Generally, this radio uses less power than a computer monitor.

Since tossing a 20M dipole up into the trees, I have been making regular contacts with mobiles on the County Hunter Net (14.336 MHz) and a few special events stations.  Signal reports are 'ok' but not outstanding.  This is how it works...  The other station "calls CQ" and is specifically listening for other stations to call them on a certain frequency.  They are listening.  So, when I call them with my little low-powered rig, they hear me and call me back.  It works.

I remember reading somewhere a long while ago that QRP stations really shouldn't call "CQ" (i.e. is anyone there).  It will be a waste of time.  Other hams tuning around the band might hear your puny little signal but move on to a louder signal because it is easier to make a contact with them.

Absolutely.  I wasted an hour on Sunday calling CQ with my little QRP radio during the Illinois QSO Party and made exactly zero contacts.

So, the common thought holds... When running QRP, don't call CQ...  It's like a mouse peep in a snow storm.

Getting a 500 Error When Trying to Access a REST API from C#?

This just might be the solution.

Here's the deal...  I need to write a simple C# client to access data from a REST API served up by an Apache Tomcat server.  Not a big deal at all...  should be pretty simple...

Should be...

For some unknown reason, my attempts generated nothing but '500' errors from the server.  Myself and our resident network wizard captured my traffic and we compared the headers of a successful GET using CURL and the non-successful attempt using my simple C# program.

After trying a few things with no success, I noticed the CURL capture showed an 'Accept: */*' header.  My C# program did not.  So, I added this...

request.Accept = "*/*";

SHAZAM!!!  No more 500 errors.

No search results from Google helped.  None mentioned this as being a possibility.  But, heck...  it worked.

By the way, this Apache server is what I like to call LegalWalled.  Yes, it's our server but if we touch it, or even log onto it using SSH without the guidance and approval of the vendor's support group, we could violate our support contract...  so opportunity to dig into why that specific error was generated.

Yes... I did that... Don't remember it, but did it...

I am a programmer (or is that obvious?).  Once in a while I will be tasked with researching or changing a program that I originally wrote.  I get the most recent code from our Source Repository System and start reviewing the code.  There is no doubt the program came from my brain, but it is certainly not familiar.  Why did I put these functions into a DLL?  What was I thinking when I designed this junk table?  OMG, WHY did I use singe letter variables???  WHY?!?!?!?!?

Maybe this happens with people in other professions...  read this to mean I hope sincerely that any doctor, dentist, commercial pilot or member of law enforcement who feel a similar temporary disorientation should firmly consider taking the day off!

Does a mechanic one day, look at a half-rebuilt carburetor that they have been working on for a month and wonder what motorcycle it came from?  Does a blackjack dealer in Vegas pause and wonder what those cards with an "A" printed on them mean?  Does a baseball umpire call "STRIKE!" before the pitcher throws the balll?

Anyway...  Walter Bishop from Fringe may never have said this, but maybe he could have...

"We WANT to Protect You..."

Imagine this, if you will...

Your daughter and yourself own and operate a small jewelry repair and gift shop in an old brick building on a busy old street.  Most of the business have been there for decades.  There's the deli and coffee shop, and the used book and curio shop, and the pharmacy, and the motorcycle repair and accessory shop, and the sporting goods store, and the small bank branch on the corner.  The town has a bustling core of tourist traffic that supplies ample amount of financial support.  This tourist business is solid but does cause a few issues with fraudulent credit cards and so forth.  The merchants do what they can but accept this as a typical danger of being in business.

You notice one day, some merchants are installing these new loss-prevention machines that really seem to be stopping all credit card fraud.  Unfortunately they are hesitant to discuss the details and are somewhat unhappy, saying foot traffic is down significantly even though the number of tourists in town is increasing.

One day a couple of fellows come into your store and offer this new system to you.  They offer to place a detector and door lock on your front door free of charge.  All they ask is that all purchase transactions you make go through them, 'for security purposes.'  They will hold all money for three days in their bank account for transaction validation, then release the funds to your bank account.

Here's the big catch...  only people who have registered with their service can enter your store.  Sure, they can look in your window, and if they ask, you can let them in if they haven't registered, but they don't recommend it.

"Everyone else on your street are using our system and LOVE it!  No one has had a fraudulent purchase since our systems have been installed," they say.  You tell them you will think about it.  They give you their card and leave.

One month later you are balancing your books and realize fraud is up by 20%!  Generally foot traffic and cash flow has increased but not enough to cover the new fraud.  You call the two fellows selling the anti-fraud solution and have it installed.

That's what seems to be happening to E-Bay.  Buyers can look at the items but unless they are PayPal users with validated accounts or addresses or whatever, they can't even put a bid on items.  You aren't a PayPal customer, you are shit-outta-luck.

That's how it works...  There's fraud happening so E-Bay offers this great service to a few merchants.  It's a little shady and locks the buyer base but it works.  As more and more merchants use this service, fraud becomes focused on those merchants who don't use it.  So, those merchants are pressured into using the service for 'protection'.

Here's what I did.  Yesterday I browsed E-Bay looking for deals on used lenses for my Canon Rebel.  BINGO, I find a lens and try to put in a bid.  I don't use PayPal so...  BZZZZTTTTT...  I can't even enter a bid.  I try entering a bid for another lens.  BZZZZTTTTT... same thing.  Another?  Same thing.

WTF???

Here's what will probably happen in the future...  Customers will not like this requirement to be 'verified'...  Foot traffic in E-Bay will start declining...  E-bay will need to change their validation.

Just my half-asleep $0.02 worth.

Webcollage bug/irritation repair

So, I am enjoying my little Linux build with that little AMD APU detailed in my last post...  Something is missing...  YES!  A good screensaver.

Oh...  Yes it has been a while since my last post, so what?  I've been boating and working on the house and generally enjoying the outdoors while the weather is agreeable.  So...  pfft...

Anyway, I installed the XScreenSaver package with several additional screensaver packages.  One looked intriguing...  webcollage by Jamie Zawinski.  Webcollage uses dictionary files (just lists of words) to seed simple searches on several internet search engines.  When the screen saver is activated, a random image (or part of an image) from a random webpage from the results of searching a random word is placed on a the screen like a collage, one image over the other.

Needless to say there is a lot of online bitching about this because quite simply, it can display porn and other NSFW images.  OK, so some people don't like it.  Personally, I find it intriguing.  But...  occasionally the following text would show up on the screen...  sometimes several times before a screen redraw covered the text:

Use of uninitialized value $vals in index at /usr/share/perl5/HTTP/Headers.pm line 264
Use of uninitialized value $vals in concatenation(.) or string at /usr/share/perl5/HTTP/Headers.pm line 267

After trying a few repairs to the webcollage Perl source, I just went into Headers.pm and fixed it there.  Here's the repair:

sub as_string
{
    my($self, $endl) = @_;
    $endl = "\n" unless defined $endl;

    my @result = ();
    for my $key (@{ $self->_sorted_field_names }) {
next if index($key, '_') == 0;
my $vals = $self->{$key};
if ( ref($vals) eq 'ARRAY' ) {
   for my $val (@$vals) {
my $field = $standard_case{$key} || $self->{'::std_case'}{$key} || $key;
$field =~ s/^://;
if ( index($val, "\n") >= 0 ) {
   $val = _process_newline($val, $endl);
}
push @result, $field . ': ' . $val;
   }
}
else {
          if ( defined $vals ) {
   my $field = $standard_case{$key} || $self->{'::std_case'}{$key} || $key;
   $field =~ s/^://;
   if ( index($vals, "\n") >= 0 ) {
$vals = _process_newline($vals, $endl);
   }
   push @result, $field . ': ' . $vals;
          }
}
    }

    join($endl, @result, '');
}

My changes are in red.  Not sure if the bug is in webcollage or if it is in Headers.pm but here ya go.  This is the fix.  Damn, I love open source!

**Disclaimer:  I am NOT a Perl programmer, I only know enough to successfully poke around Perl source and figure things out.
**Suggestion: Anyone running webcollage might want to consider two things: 1) it uses internet resources to perform searches and retrieve images; 2) some of the images shown on the screen could really get a person in trouble at most companies, not to mention what might happen should certain significant others see certain images.

New Minimal Linux Box Up and Running

Long Time No Post

Quite a few things have happened since my last post.  One of the most important, of course, is the completion of my little new Linux box.  Here she is...

Silicon Power Slim 60 GB SATA3 SSD drive.  It is only 2.5 inches wide, offers SATA3 6Gbps connectivity, and very energy efficient.  I selected this SSD because it was inexpensive, fairly fast, and rated as quite energy efficient.  Formatted this as ext2 and used it as my OS and swap drive.  Spent $30.




Toshiba 500 GB 7200 RPM hard drive.  It is your basic 500 GB 7200 RPM SATA3 hard drive.  It offers SATA 3 6Gpbs connectivity and a 32 MB cache.  I selected this drive because it was inexpensive, had good reviews and was the right amount of storage for my needs.  Spent 45$

ASRock C70M1 Motherboard with AMD Dual Core Ontario C-70 APU.  This mini-ITX motherboard/CPU combo offers very low power consumption, no unneeded video capability (I only needed basic VGA), up to 16 GB RAM, 64 bit processor/data bus width, four SATA3 6Gbps connectors and a host of other things.  No, this is NOT a gaming or server mobo/CPU.  The C-70  APU is only dual core and runs at about 1GHz but this board is extremely quiet, energy efficient and seemed to fit my requirements.  Total price of this board was $40 - not bad for motherboard and CPU.

I added a couple of Mushkin 2GB DDR3 RAM sticks for $22 and a basic APEX 250 watt power supply for 19$.  I tied it all together in an old Dell computer case and installed Debian Jessy.  The only little issue I had was the fact my little USB WiFi dongel wasn't supported natively.  Really, it was a minor issue.  After some research, the driver source was located on GitHub, it was easily compiled and installed.

So, for a total of about $156 I have a new little Linux box.  ( had an old flat screen VGA monitor just wasting space so used that).  Pretty happy so far.

More details and maybe a benchamark or two.

OMG .NET, You Are Crazy!!!

OK, so I am doing something simple...  adding a ControlParameter to a SQLDataSource.  I just want to add it as an optional filter.  The ControlParameter points to a TextBox.  Like this...

<asp:ControlParameter ControlID="txtFiltCC" Name="TCity" PropertyName="Text" Type="String" DefaultValue=""/>

Not only does the result return nothing, according to the Microsoft SQL Server Profiler, the query is never even sent to the server!!!  

What the HELL!?!?!?!?

I change the SelectCommand to not use the @TCity paramater and still...  no query sent.  The GridView bound to the SQLDataSource reports that no records were retrieved.   Hmmm...  makes sense since according to SQL Server Profiler, no query was sent.

Then I find the ConvertEmptyStringToNull property on the ControlParameter.  It's default is 'True'.  Hell, I don't want it to be null, so I change it to False.  Friggin SHAZAM!  The SQL query is sent and I get a result set.  Why the HELL would the ConvertEmptyStringToNull cause a query to not be sent, especially if the parameter isn't even used in the query????  This works fine...

<asp:ControlParameter ControlID="txtFiltCC" Name="TCity" PropertyName="Text" Type="String" ConvertEmptyStringToNull="False" DefaultValue=""/>

Really, Microsoft...  This is a crazy little piece in ASP.NET

So...  For anyone scratching their head about a GridView not being populated from a SQLDataSource that is using a ControlParameter pointing to a TextBox, this just may be the solution.