Creative Engineering

Dear users of browsers other than Firefox, I’m not talking to you now. Sorry. Dear remaining readers, have you ever disliked having to a) remember all of your different passwords for all websites or b) store them on your local computer so you can’t get at them from other places or c) use the same password everywhere even if that makes the impact of security issues a lot worse? I used to go with option b) but I didn’t really like it. Now I’ve found something else; allow me to share. Read the full post »

The submission timeframe for the current Song Fight, “Paper Thin”, ended four days ago and the submissions were just published. Unfortunately I didn’t manage to submit my song in time (I recorded most of it in the last few hours) but you can listen to it anyway. Read the full post »

Good news! A couple of weeks ago I found the Song Fight website. Song Fight works like this: a song title is posted. You write a song for that title within a week and submit it to the fightmaster. When the week is up, the fightmaster will publish the list of all entries on the website. Visitors can now vote for songs until the songs of the next fight are published. The winner of a fight gets to brag… and not really anything else. Apart from a serious boost in creativity and musical skills when you make it a habit to participate, that is.

Yesterday (going by the local timezone) I submitted my first Song Fight entry for the title “Interesting Times”. It will be up on the Song Fight website shortly, and it’s now available here. Read the full post »

Take note if you had problems using dmsetup-tc, the program I published last month that allows you to use TrueCrypt®’s encrypted system drives/partitions (also called the “pre-boot authentication” feature) from Linux environments (and possibly other Unices). I have found a few rather embarassing bugs in it that made it rather unusable in pretty much all cases (it’s actually really astonishing that it even worked for myself…). So if previously you got a cryptic message like “fatal error: Success”, now would be a great time to try again.

Download dmsetup-tc 0.2 or review the original article about dmsetup-tc that explains the details. As usual, feedback is appreciated.

TrueCrypt® is a multi-platform on-the-fly drive encryption tool. It allows you to encrypt all your data in a filesystem and still use everything normally. On Windows, it supports encrypting the system (boot) partition (or the entire boot drive); you can even make TrueCrypt® encrypt your existing partitions live and continue working (though the I/O performance sucks until it’s finished encrypting everything), pause and resume the encryption process (even across reboots). In short: it’s rather useful.

Even though TrueCrypt® introduced Windows system encryption in version 5.0 in February 2008 (that’s five months ago), its Linux version still doesn’t support accessing these encrypted partitions at all (it does mount “normal” TrueCrypt® volumes though). Since I recently encrypted my entire Windows drive but couldn’t live without the music files stored on it, I now humbly present the result of two wasted nights: a solution. Read the full post »

CAPTCHAs: these warped images you have to copy text out of in order to submit comments on an ever-growing number of websites.

The warped image approach has a number of serious flaws. Firstly, there is a strong correlation between the difficulty bots have with extracting the code from the image and the difficulty humans have with extracting the code from the image. In some cases, I hear it’s actually easier for machines than it is for humans.

Secondly, blind people and people without graphical output on their computers are automatically banned from your CAPTCHA-protected system. Bad.

A different approach is needed. Text-based CAPTCHAs, however, would likely require a knowledge base that challenges are generated from, and due to technical limitations, that knowledge base would probably be finite. A finite knowledge base means that it can probably be inferred from a decent number of challenges.

Some other approaches, such as Hashcash-style challenges, require that the user’s computer solves a difficult mathematical problem which ensures that it will be busy for quite a while until the correct solution is obtained (and the challenge can thus be passed). Again, this results in problems with accessibility.

Luckily, there is an alternative family of approaches that make spamming absolutely infeasible without causing any of the typical accessibility issues. As you know, spamming only pays off due to the ludicrously large number of places you can put your advertisements. Were said places to implement a disincentive to placing a large number of ads, spam would instantly leave them alone.

Enter the disincentive-based solution: ccCAPTCHA. Developed by myself, it works by charging commenters a certain monetary value. All the user has to do is supply their credit card number. You can now test ccCAPTCHA online at my ccCAPTCHA prototype site. On that page, I’m also making the technical parts of ccCAPTCHA available to other interested webmasters. And it’s all for free!

You’re welcome.

Tom7, also known as Tom Murphy VII, has been challenging musicians to create an entire album in 24 hours. Consecutive hours, that is. In other words, this challenge is an excellent source of sleep deprivation and a great way to avoid doing things I ought to be doing instead. So I thought to myself: one day I simply must give this a try. That day was today (and yesterday). I proudly present my first Album-A-Day: You Vs. The Others. Read the full post »

Today’s glance at reddit.com yielded a blog posting by a fellow who calls himself “Poromenos” and who recently wasted his day by designing a function made up of sines and cosines that encode the string “Hello world!”. “Hey”, I immediately thought, “I can do that too! I’m an expert at wasting my day, after all.” Only I decided to go a step further and write a program that generates this sort of function. I’m lazy, remember? Read the full post »

Please read carefully the following important message that does not come from the anonymous persons running whyfirefoxisblocked.com and whydiggisblocked.com.

You’ve reached this page because the site you were trying to visit now blocks visitors from the human race and other beings capable of browsing the web.

The users on continents such as America, Asia, Europe and Antarctica openly endorse critical thinking, a function of the human brain that allows humans to ignore irrelevant perceptions such as advertisement on web sites, and are well known for paying no huge amount of money to the owners of sites they visit. Humans that ignore all advertisement are an infringement of the rights of web site owners and developers. Numerous web sites exist in order to provide quality content in exchange for displaying ads, humans who don’t click on these ads are stealing bandwidth without paying for it and website owners deserve a method to block this unauthorized bandwith theft.

Since the human brain does not allow website owners a method for excluding perceptions and do not obey “give away all your money” law, abiding webmasters are forced to block all humans. Demographics have shown that not only are humans a somewhat small and insignificant percentage of the planet, they actually are even smaller in terms of value, therefore blocking these beings seems to have only minimal financial drawbacks, whereas ending resource theft has tremendous financial rewards for honest, hard-working website owners and developers.

If you wish to view the site you came from we suggest stopping being human and becoming a machine instead.

(Of course, humans using Digg are where the real evil is at.)

A few days ago, I posted a cheat sheet for Git (just as last time, Git is a really cool revision control system). Let’s face it: it was ugly. Not something you would actually hang up where other people could see it, was it? Here’s the remedy, which also works on both A4 and Letter and is more detailed. Read the full post »