Computer Science & programming

Why WOLFRAMALPHA has given me a good first impression

Mon, 18 May 2009 20:39:30 +0200

I’m not particularly into the Wolfram is a genius kind. I know he made many fundamental error into it’s book about cellular automata.

But the first question I ask to wolframalpha was : “meaning of life” here is a screenshot of the result.

Be able to change your password

Sat, 11 Apr 2009 23:25:21 +0200

My password was compromised because of a simple copy/paste problem. My password was released only base64 encrypted (that means really bad encrypted) on the Internet. Argh... I needed to change it.
Unfortunately, YPassword was not designed to do that. This is why I implement the new feature in YPassword 1.5.

Here is how I modify my password :
(1) hash(‘passworddomainname’)
(2) hash(‘password1domainname’)
(3) hash(‘password2domainname’)
...

each time I need to modify it I simply increment a number after my password and I’ve got a new one with the same security. In my knowledge it is has hard to retrieve your password knowing (1) than to retrieve (2) knowing (1). Therefore, here is my solution.

And here is how to retrieve your password from anywhere :
simply use sha1 website provider (using javascript) like Here
or my online version of the widget (really early alpha actually Here)

Just a tip to convert from hexadecimal representation to base64 one the python script to do that:

#!/usr/bin/env python
# -*- encoding: utf-8 -*-
### hex2b64.py ###

import binascii
import sys
import re

hex=sys.stdin.read()
m=re.search('([a-f0-9][a-f0-9])*',hex)
print binascii.b2a_base64( binascii.a2b_hex( m.group(0) ))

Now, you can simply use in a shell script:

echo -n “passwordNumberDomain” | openssl sha1 | hex2b64.py

Shorter Password with the same efficiency

Sun, 15 Mar 2009 10:12:22 +0100

I hardly learnt how it could be bad to enter password on an iPod touch. The problem of strong password is the length of them. Even if you use a password manager, like YPassword. As you cannot copy/paste on iPod touch, you have to type manually the password. And this is a pain.

This is why I modified YPassword to provide not only hexadecimal password but also ‘base64’ password. That mean use not only numbers and letters from ‘a’ to ‘f’. But all alphabet (case sensitive), all numbers and only 2 additionnal. The result is I use 64 differents symbols agains only 16.

As 64=26 and 16=24, password are now 4/6 = 2/3 as long as before. Therefore you pass from 40 letters to 27 letters. And what is the most important you don’t lose the password complexity in shortening it.

As I used this password manager kind at work (I don’t work on Mac :-( ). I made a python script in order to transform password from hex to the kind I prefer.
I also tried to make strong password à la Mac Keychain. The result was quite surprising. Passwords of the form <word><number><specialChar><word> are really not so strong!

Here the proof.
YiMac% ./password.py a94a8fe5ccb19ba61c4c0873d391e987982fbbd3
int (48): 966482230667555116936258103322711973649032657875
hex (41): a94a8fe5ccb19ba61c4c0873d391e987982fbbd3
ascii (30): R@UDCKE5FI6KGASIN=Z2GN93H;S154
cascii (25): ^JU|N)FC*-@HN;8pOL8N?K*:%
base64 (27): Tv7LYeY6RO9cIwEHmuZsMX+jKlK
rememb (82): palynological38.antimoniate97.idolize61.effleurage27.Zaporozhe's26.demagnetized26.

In order to make the last kind of password I used a word list containing: 1239113 words!
And even with such many words, the password to be as strong as a 160 bit long password need to contain 6 words and 6 numbers (inferior to 100). Which mean approximatively 80 letter long!
Personnaly I cannot remember this kind of password.

I tried other kind of transformation, the integer (48 letters long), the best in my humble opinion was the base64.

To understand here is the source code of my script (it is very simple to understand):
#!/usr/bin/python
# -*- encoding: utf-8 -*-
import sys
if len(sys.argv) <= 1:
print "usage password.py hash"
exit(1)
# recup the hash from command line
hash=int(sys.argv[1],16);

def tranformPass(hash, liste):
diviseur=len(liste)
password=""
while (hash):
password=password+liste[ hash % diviseur ]
hash=hash/diviseur
return password

# all kind
val=str(hash); print "int ("+str(len(val))+"): "+val
val=hex(hash)[2:-1] ; print "hex ("+str(len(val))+"): "+val
val=tranformPass(hash,[chr(i) for i in range(48,91)]) ;print "ascii ("+str(len(val))+"): "+val
val=tranformPass(hash,[chr(i) for i in range(33,127)]); print "cascii ("+str(len(val))+"): "+val

# base64
base64List="ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/"
val=tranformPass(hash,base64List); print "base64 ("+str(len(val))+"): "+val

# for word list
def tranformPassWord(hash, liste):
diviseur=len(liste)
password=""
while (hash):
password=password+liste[ hash % diviseur ]
hash=hash/diviseur
password=password+str( hash % 100 )+'.'
hash=hash/100
return password

# Word list
# recup the list of words (got it from http://wordlist.sourceforge.net )
f=open("totalListe","r");
liste=f.read().split();
val=tranformPassWord(hash,liste); print "rememb ("+str(len(val))+"): "+val

In conclusion, I’ll plan to make quickly a website to manage all that. Accessible from normal web and mobiles. The most portable and efficient possible.

Why I changed my mind from fluid to fixed layout

Fri, 13 Mar 2009 22:49:01 +0100

Recently, I decided, in order to have the most possible portable website and also the most readable one to change my website. Not the one created with iWeb you’re reading right now. One I’m doing from scratch writing code with Vim.

In a first time, I believed the only reason to prefer fixed layout was the technical easiness. But after passing long time to surf, here my conclusions.

I now am annoyed by all wrong stuff (animations, images, ads, tags, twitter activities, rss link, facebook link, linked in link...). The image on the right is a recent example of hideous blog I really hard tried to read.
The content was really interresting but the presentation was so bad, I had to switch to lynx to read it.

Most of time, when I go on a blog, I want to focus first on the content, then if the content was good enough, I sometime feel ok to know more about the guy who written it. This is why I started (again) to surf using text-only browser such as lynx and w3m. Of course, today, the omnipresence of javascript limits the usability of these browsers. But when I’ve target a blog, I first try with lynx. It is easier to read and concentrate only on the content.

Last week was also released readability. The idea is pretty good in my opinion. This is a simple javascript which try to focus only on the content and delete everything except the content and modify the style in order to be easier to read.

This is exactly what I don’t want my visitor need to do. My site should give this readability naturally. This is why, after verifying the assumption that fixed layout is easier to read than fluid one. I made some radical changes in my design. The most radical one was to completely change my mind about fluid vs fixed layout.

The two radical changes were:
- pass from fluid to fixed. Because, it is clearly easier to read fixed sized text (normally a width between 50 and 70 em).
- make my font size bigger. From 1 to 1.2 or 1.4 (not decided yet).

Now, when you see my website. You separate naturally the navigation zone (the head) from the content zone. And that’s all. Yes. Just two zones. No more. No twitter widget, no “add my site to delicious”, no “click here in order to add me in facebook”... And of course “no ad”.

My conclusion to this is, if your goal is to catch user attention and help him to focus, you should do the most to transform your website in an experience that should be close to the one of books. If it is written to little, you don’t read. If there is too much ads, flashing images, you don’t read.
The better way to focus, is to have a fixed (or almost fixed width: between 50 and 70 em) and to have very few zones and external informations.

Now I tried my best in order to give my visitor the sensation to read a book when reading on my website.

Here is a screenshot of my not terminated yet design:

The concepts of my website:
color: Black, White and Red (NO MORE)
parts: Head (title, subtitle, navigation), Content (should be many paragraphs)

I didn’t decided yet:
- if links should be red or simply bold. And let red be the color for highlighted stuff...
- if there is enough white space
- if the title and subtitle should be in the head or separated in the content
- if I’ll try to make my design work at least not completely bad on IE6 (for now it is XHTML 1.0 Strict and CSS 2.0 valid, and therefore not IE compliant)... If you try to accede my web site with IE you began in a javascript nightmare asking you to change your browser.

For now I found there is too much red, but this is because of my example text. It shouldn’t have so much red with real content. I didn’t want a total minimalist website (no background image, white or black background...). Too minimalist is sometimes difficult to make. I don’t have this talent I believe. I made some very subtle radial gradient on each part, in order to give an impression of a finished design.

If you have some remark, I’ll be pleased to listen to them.

How to copy & Paste even when it’s forbidden

Fri, 6 Mar 2009 03:48:57 +0100

Just create the following Applescript in automator:

on run {input, parameters}

delay 3

try
set clip to the clipboard
tell application "System Events" to keystroke clip
on error e
display dialog e buttons {"OK"} default button 1 with icon 0
end try

return input
end run

And save it as an application: forcePaste.

Now I copy my password, I click on the forcePaste and I’ve got 3 seconds to position my cursor on the good field. Then all is going as if I typed myself on my keyboard the content of the clipboard.

That’s all folks.