Wednesday, December 30, 2009

The Schema file for my FAQ

Here is my .xsd file.
 <?xml version="1.0" encoding="UTF-8" ?> <xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema"> 
This is where I define the faq element. This is my "root" element. It has two attributes which I use to store version information (version, and editDate). It contains a series of sections.
 <xs:element name="faq"> <xs:complexType> <xs:sequence> <xs:element ref="section" maxOccurs="unbounded" /> </xs:sequence> <xs:attribute name="version" type="xs:string" use="required" /> <xs:attribute name="editDate" type="xs:string" use="required" /> </xs:complexType> </xs:element> 

This where I define the item element (I need to change the item and section definitions)
 <xs:element name="item"> <xs:complexType> <xs:sequence> <xs:element ref="question" maxOccurs="1" /> <xs:element ref="answer" maxOccurs="1" /> <xs:element ref="see" minOccurs="0" /> </xs:sequence> <xs:attribute name="id" type="xs:ID" use="required" /> </xs:complexType> </xs:element> 
Each section contains multiple items as well as a title.
 <xs:element name="section"> <xs:complexType> <xs:sequence> <xs:element ref="item" maxOccurs="unbounded" /> </xs:sequence> <xs:attribute name="title" type="xs:string" use="required" /> </xs:complexType> </xs:element> 
Each question is a plain string of text.
I had to resort to a weird trick for answers (to allow HTML) so I defined them as a mixed type.
 <!-- describe things in a section --> <xs:element name="question" type="xs:string" /> <xs:element name="answer"> <xs:complexType mixed="true" /> </xs:element> 
Each see element gets converted to the text "see also ..." with a link to the question. The section id, question id are attributes of the see element.
 <xs:element name="see"> <xs:complexType mixed="true"> <xs:attribute name="question" type="xs:NMTOKEN" use="required" /> <xs:attribute name="section" type="xs:NMTOKEN" use="required" /> </xs:complexType> </xs:element> </xs:schema> 

Tuesday, December 29, 2009

XML + XSLT --> HTML

I was (am) putting together a FAQ for my classmates. As I started writing it my first pick of format was synamtically valid HTML. I picked definition lists for the question list. My problem was that I needed to repeat certain information constantly. The "back to top" link, the "see also" link format, and a few other things.

After looking around I decided to write my FAQ in XML and write a simple python program to convert it to HTML. When I converted my entire FAQ to XML (a pain in of itself) I wrote a python program to convert it. I realized though that making a simple change to my XML spec (for example adding a "section" part) would require a reworking of my entire python script.

"Even more research" later I found XSLT. When I read the description (converting from XML to another format) I realized that it is exactly what I need. Anyway my FAQ is now written in a reason format (XML with a tag for each section, item, question, and answer) and is converted to HTML using a simple XSLT file.

I'll try post more about how I got some of the cooler features working soon.

Monday, December 28, 2009

Failed Terror Attack + TSA = More Failed Security

The title says it all - really.

Sunday, December 20, 2009

Botnet finds home in * technology

I've been reading quite a few articles which discuss various new mediums that botnets use for their C&C servers. The thing is: it isn't anything new. The idea of using a trusted (aka unlikely to be filtered) host is as old as botnets themselves.

Saturday, December 12, 2009

There is a lot of "password advice" around the net. These sites often tell you to generate some long complex password that has no meaning to anyone else but yourself, and not to write it down lest someone see your password and use it to access your account. The problem is that most good people can't remember good passwords and requiring that they do so will only cause them to choose weaker passwords.

The biggest risk to your information in today's time is random guessing of weak passwords or direct access to the database (which bypasses the need for the password). The attackers most people need to worry about tend to not care about who they victimize and instead try to go after as many fish as possible in a large pond. Most attackers don't care about you, they care about data.

2. Write it down
3. Keep that piece of paper in your wallet and in another secret location in your home

Thursday, December 10, 2009

If anyone is interested I have 20+ invites. Feel free to comment or email me for one.

Saturday, December 5, 2009

Using sockets to run VLC in the background or across computers Part 2

This is the "vlc.do" script. This is the main way to interact with vlc once you created a socket.
I also created a few other small "shortcut" scripts that are wrappers to vlc.do to make common tasks easier (such as adding files, pausing, etc)

Lets set up the defaults for options we will be using later
 #!/usr/bin/env sh cmd_to_tell=""; x_mode=""; optdir=~/.vlc_extra; 
In vlc_create_sock we put the location of the socket into $optdir/socket. Here we retrieve that location. Keep in mind that we don't look into$optdir/sockets/ directly. I did this because of cleanup problems (the socket file was not always removed when exiting)
 socket="$(cat$optdir/socket_name)"; 
We have three options:
-c "command"  This is the command we will be passing to vlc. Try "help" to see them all.
 -o dir The optdir. If you want to work on a remote computer or another user's account try changing this.
-x The script uses Xdialog to notify you of what actions took place. This is useful where you map a function to a key on your keyboard and you want visual notification that something took place.
 while getopts c:o:x option do case "$option" in 'c') cmd_to_tell="$OPTARG";; 'o') optdir="$OPTARG";; 'x') x_mode="on";; esac done  Here we check to see if you actually told us anything to do - a simple sanity check.  if [ -z "$cmd_to_tell" ] then if [ -n "$x_mode" ] then Xdialog --icon ~/bin/icons/warning.xpm --infobox "Missing a cmd!" 0 0 2000; else echo "Your missing a command..." >/dev/stderr; fi return 1; fi  Here I check to see if the socket actually exists. If it does not exist then I assume VLC is not running and I warn you via Xdialog (if -x is set).  ## if no opts give entire line not just cmd_to_tell if [ -e "$socket" ] then 
Here is the crucial part. nc or netcat has a -U option which lets you write to sockets. VLC will react to any command supplied to it via this file.
 echo "$cmd_to_tell"|nc -U$socket if [ -n "$x_mode" ] then Xdialog --title "VLC Remote control" --backtitle "I told vlc to " --no-buttons --icon ~/bin/icons/media-cdrom.xpm --infobox "$cmd_to_tell" 0 0 3000 fi else if [ -n "$x_mode" ] then Xdialog --icon ~/bin/icons/warning.xpm --infobox "VLC not running!" 0 0 2000; fi return 1; fi  Friday, December 4, 2009 Using sockets to run VLC in the background or across computers Part 1 I wrote a series of scripts to work with VLC. They work with VLC in the background and let you manipulate the music you listen to via the command line. With some small changes (change$optdir + chmod $optdir/sockets) you could even get this to work across computers or accounts. You could download all the scripts I talk about here at The SVN repo viewer or just check them out at: svn checkout http://stuffpack.googlecode.com/svn/vlc vlc-scripts Lets get this code to work on any system (if we don't know where sh is)  #!/usr/bin/env sh  Here is a simple function which creates the relevant directory and the working files. This function is only run if it can't find$optdir
 install_me() { whomedir="$1"; mkdir "$whomedir"; touch "$whomedir/socket_name"; mkdir "$whomedir/sockets"; } 
Here we initialize configuration values.
Afterwords we use the getopts interface to read the command line options.
-c = if you did not properly exit VLC last time vlc_create_sock will refuse to run. This option cleans up
-n = Allows you to use an ncurses interface as well
-o = Allows you to modify $optdir. Changing this to a directory on another user account or on another computer will let you modify remote instances  cleanup=""; ncurse=""; #we default to a directory in your home. optdir=~/.vlc_extra; while getopts co:n opt do case "$opt" in 'c') cleanup="YES";; 'n') ncurse="YES";; 'o') optdir="$OPTARG";; '?') exit 1;; esac done  If we don't exist let us install ourself  if [ ! -d "$optdir" ] then install_me "$optdir"; fi  We now work with the options you gave us.... Print "Yeah!" if we will ignoring current instances  [ -n "$cleanup" ] && echo "Yeah!"; base="$(basename$0)"; 
Here we look to see if VLC is currently running. This prevents us from stopping a current instance. Using the option "-c" will forcefully end current instances. It does not skip the check
 current_sock="$(cat$optdir/socket_name)"; if [ -n "$cleanup" ] then # exit program if currently running vlc.do -c quit; # remove the socket file (not deleted before if program not running) rm$current_sock; # empty the current socket file... :>$optdir/socket_name; fi  Here we tell you if vlc is current running. It requires Xdialog (and therefore X). I did these because of how I use the script. It isn't to difficult to change to detect X/no X or even just make it an option. This is on my list of things to do (issue 9).  if [ -e "$current_sock" ] then Xdialog --icon ~/bin/icons/warning.xpm --infobox "VLC already running...." 0 0 2000; return 1; fi 
We now know that we are all set to start a new session.
We first create a file in $optdir/sockets. This is because we will be using the "rc-unix" interface of vlc. This allows you to run vlc in the background and then close the terminal.  TMPFILE=$(mktemp $optdir/sockets/XXXXXX); #we can't operate if the file exists.... rm "$TMPFILE"; echo $TMPFILE; echo "$TMPFILE">$optdir/socket_name;  Choose the default options to run VLC with. If we specified "-n" also include an ncurses control to the same session. Lets explain each of these options one by one: --rc-unix This option tells VLC where to put the unix socket that we will be communicating with. --rc-fake-tty This option is required by certain Linux distros or when run by some Terminal emulators -L Loop through the music once you reach the last one - maybe I should make this into an option --no-media-library Not actually required --volume I let vlc run at max volume and have the operating system or speaker control what comes out. -d Run as a daemon.  # -L == loop; -d == deamon; vlc_opts="--rc-unix "$TMPFILE" --rc-fake-tty -L --no-media-library -d --volume 1024"; if [ -n "$ncurse" ] then vlc --intf rc --extraintf ncurses$vlc_opts; else vlc --intf rc \$vlc_opts; fi 
It worked! Lets return 0!
 return 0; 
In my next post I'll explain vlc.do, vlc.done, and the other control scripts.

Tuesday, December 1, 2009

How to remove the blogger bar

I found this piece of code to remove the blogger bar from the top of this page:

 <style> #navbar-iframe { height:0px; visibility:hidden; display:none; } </style>

How to use it:
1. Go to the "Layout" tab
2. Go to "Edit HTML". Don't worry if you don't know what your looking at it isn't that complicated
3. Look for the symbol ""
4. Copy the code above and paste it right below the ""
5. Preview your changes to make sure you got it right