The home of RobL...

Yes! It is time once more for Karen Gathercole.

I note there is An actual album available of this.

Relax as the smooth tones caress my ears with christmassy joy...

OH GOD NO... MAKE IT STOP...

Karen's Kristmas Kraka

Don't say I didn't warn you... again.

Having recently written some (old style) perl again, there was a requirement in a couple of my scripts for "Random" strings. It took me quite some time to settle on what would be acceptably random enough without being over the top or too slow for my script to function fast enough. In writing my scripts, I had to think carefully about what I meant by random and how to apply it.

Unfortunately, the meaning of "random" is wide and varied and application dependent, ranging from "truly random" to "random enough for my script purposes"

Then it is all down how the randomness is actually used and understood by the users.

Anyone that knows me well enough to have been to the pub with me a few times, will probably know that, following the age-old tradition of buying some bags of crisps at the bar for a peckish gaggle of friends, I will usually ask for "three random flavoured bags of crisps" (adjust quantity according to number of people and how hungry they might be.)

The other day, my friend Dave went to the bar... "do you want anything?" "Yes!" I chirped. "A random flavoured bag of crisps, please."

A few minutes later, and Dave returns from the bar, with a bag of PLAIN crisps. I mean... When I say flavoured I mean anything EXCEPT plain crisps. Obviously. (surely any fule no...)

But that depends if you count PLAIN as a flavour of crisp, and if you know my particular taste in crisps.. I find plain crisps... boring.

Clearly, Dave's (or the bar tender's) interpretation of random differs from my expectation...

"What is this!... PLAIN crisps!"

"You asked for a random bag of crisps!"

"A random flavoured bag of crisps!"

"Sometimes, if you ask for a random number in the range of 0 to 256, you get 0, or maybe even 1" came the response.

I cannot really argue with that.

Rather than get into the age-old and drunken debate of is zero a number? and by extraction is plain a flavour of crisps, I just munched my crisps. (and with every slightly disappointing bite, it started a thought process about what my expectation was, and was I entirely happy with the outcome?) Did I clearly enough define my use and parameters for what I meant by Random in this case? Probably not.

The recent Olympic tickets selection was supposed to be truly random, however... are we pleased with the results, where some people got all the tickets they had asked for £11,000 worth in one case, while others got none? Or, got tickets to different events happening too far apart to get from one to the other.. or at the same time. (speculative buyer beware!)

The debate continues about whether this was fair enough, or if the randomness could have been set with certain parameters to ensure a wider distribution of tickets.

So.. we maybe have to set some parameters on what we mean by random and is it too random or not random enough for our purposes.

To give another example, I have a little program called apg on my linux machine that generates random passwords. But the choice can be set to something completely horrible:

hU^c7/:;d-vmiK.7R(i-


To something you might have a hope in hell of remembering, or being able to type easily:

hovitGej5


By excluding certain characters, for example, to limit the scope of random. both passwords are Random but by different definitions. Most people would probably find the first password unacceptable and probably have to write it down or save it somewhere... maybe defeating an element of the "security" in the first place.

Sure... the password is hard to crack.. but also hard to use.

But the second "random" password is probably strong enough for most applications, although arguably, a determined cracker might be able to crack it by looking at how the apg program limits its randomness, in such a way as they might be able to crack the password by limiting their cracking attempts to the same criteria. Still... hard to do but not impossible.

So... we end up with the usual security compromise of complete security vs usability. The second password is probably secure enough for my average stuff (websites etc.) but maybe the first would be more suitable for VPN keys that I don't have to type in, for example.

Recently I was trying to assist a US visitor friend of mine who had lost her passport, which brought me to the web site of the US Embassy. As well as working out the process for getting replacement travel documents and reporting the lost passport, I noticed an article about the US Visa Lottery.

Diversity Visa 2012 Results Voided

The results were not valid because, owing to a computer error, they did not represent a fair, random selection of entrants, as required by U.S. law.

Blamed on a computer programming glitch, the visa draw will have to take place again. Many people who were told they had a ticket to The Land of The Free, have had that taken away again. Whoops!

Aside from the obvious international embarrassment for a government department (and maybe a few red-faced officials, programmers and software designers...) I would love to know what exactly happened. Same software but new hardware with a different specification for random? Programmers without a good enough specification? An undetected hardware failure in random generation? A faulty assumption?

When you say "random" what, exactly, do you mean?

We have to remember that computers find randomness particularly difficult. We can probably never get true randomness with commodity PC hardware at least, just a randomness that is acceptable for most purposes and definitions of random.... pseudo-random.

And so, I am off out to buy a packet of Cheese and Onion crisps to make up for my poor application of random.

We have to be precise in our use of random

And luckily, my friend found her passport, and so consular assistance was not needed after all...

Phew.

Do not put your passport in a random pocket.

:-)

Another bike breakfast. This year done without the help of a little van that Keith brings along.

You might think that using a van is cheating, and I would agree, however, I never realised just how much stuff has to get to and from lots of different places in a very short space of time.

This year was a logistical challenge, and with maybe not so many people around at the start at least... to help with all the moving stuff about, but we managed it. Constructed the "Wheelers Extra Massive Articulated Vehicle" ... WEMAV..? by attaching the trailer to the Christiania...



Since it was me that was going to have to ride this thing up from its home to Narrow Street... Did a little test run...While a bit heavy, all went without incident! I always suddenly notice small hills when on this thing that I do not even think about on my regular bike...!

I think the Christiania is so heavy anyway, you do not even notice the trailer is there. Well.. until you need to care about it when negotiating a tight corner or trying to get through bollards etc.

Oh.. and reversing is a little difficult. (No reversing without a banksman..?)

Other logistics sorted by Dave/Caroline and Owen with various clever ideas and folding bikes.. oh and okay, we used Owen"s little car to transport some stuff, for the breakfast and for the Glamour Ride which happens on Friday. Owen took the "WEMAV" back to Bethnal Green and I pedalled home on folding bike Owen had arrived on...

Outfit and bike sorted (just) for the Glamour Ride.. just hope the weather holds out and we get a dry (if not sunny) evening...

Hmm.. Where has Victoria Park gone?

I am sure it was there last time I checked.

Maybe it can be our secret park?

Misc improvements to the lab have happened over the last few months, including addition of a Cisco ASA 5505 and Watchguard firewalls, to test out various complicated firewall/NAT/firmware upgrade scenarios.

Also since the last drawing/photo, the topology includes three switches, since I added a small Foundry L3 switch.

I have found it to be very useful for many things recently, especially for testing firewall configs and migrating configs from one thing to another, for example going from Cisco to Juniper, or testing what happens when upgrading a Cisco ASA from old firmware to the newer (and very different in places) 8.4 firmware... the NAT config is now even more difficult to follow than it was before!

- Fellow network geeks feel free to ask me if you want access to tinker.

Finally fixed the software that enables me to update this thing!

After switching and rebuilding machines some time ago, I finally got round to fixing this...

Not that this exactly has a lot of readers

Woohoo. A tax refund. Think it is legit??



My Nigerian friends are also particularly active today.

My name is Captain Matthew Stamford of the US Marine corps stationed in Kabul, Afghanistan, I found some money stashed in a couple of barrels while on patrol ($900,000.00) I need someone to help me move it to a safer place, please have it in mind that there is no danger involved. You may contact me on usmarine120@i12.com so that I can provide you with more details.

You would think by now that we would have solved the problem of automated "out of office messages" being sent to mailing lists with hundreds, possibly thousands of subscribers.

It is not exactly the most difficult problem in the world to solve:

1. Only reply to e-mail that contains your e-mail address in the To: and if you must, the Cc: header.
2. Only reply once per sender for the duration the responder is set. If the same sender happens to send another message, we do not respond again. (consider automated ticketers and other out of office messages!)
3. If adding it to a rule set, place it at the bottom of your rules, so that list mail etc. gets dealt with first, before the auto-reply.

There are other elaborations on this, such as not replying to obviously automated messages and bounces, but the above should generally work.

I cannot believe after all these years of this STAGGERINGLY OLD PROBLEM that there are still platforms out there which allow users to set up such brain-dead auto-responders. (Either that, or make interesting assumptions about what headers to expect.)

Yet again one of the large mailing lists I am on has been bombarded by somebody's brain dead out of office messages. Every time somebody posts something, we get another out-of-office message. Worse, his own out-of-office messages are posted to the list and this triggers another out-of-office message. DUHHHHH!

FFS!

Okay... what sort of idiot pays this sort of money in Staples for:




2 x CAT5e patch leads... £27.23 !!!

I mean. I can get the same cable from Repsole for £2.42.
And could probably get a supplier cheaper than that if ordering in bulk.

Okay.. so.. the price of copper goes up and down, so at wholesale, the cost of CAT5 cable fluctuates from month to month. But priced per metre, that works out at about £2.72 vs £0.484p.




6 velcro ties. £5.95 !!!

I can easily get about 50 for that price, I would not be so bothered about the colour of them though for that price.

Lawks. Talk about markup.

(OTOH, I would not mind a couple of customer like that... Although I do not think in all conscience I could charge that much for something that costs pennies to manufacture.)

Been busy getting stuff ready etc for Bike Week which is looming this weekend to next.

Doing a ride to Richmond Park and lots of other misc jobs.

Lots of data centre work recently installing servers and networking stuff in batches of 50 servers or 80 servers. I think my regular caged nut and M6 bolt suppliers think I am slightly crazy. They phoned me up to check I was not duplicating orders. So... "You want Another 2000 caged nuts?" "Yep"

A smattering of e-mails about various bike rides, including,

• "Do I have to book a place?"
• "How long do you think it will take?"
• "I am not doing your ride, but can you tell me where start point for this other ride that you are not doing is?"

Of particular concern is the Midsummer Madness ride. Which starts at 2AM in Brick Lane, and then we join Southwark up to Primrose Hill to see the sunrise at 4.43 am.



This always confuses people who do not know how midnight works. The next day begins at midnight.

02:00 AM is MONDAY MORNING. We always seem to get at least one person calling up at 02:00 on Tuesday... "Where are you?" I.E. SUNDAY NIGHT/MONDAY MORNING.

Maybe some people are just never often actually awake at odd hours to appreciate this.