jjncj.com

...everybody has at least one.

And I, not to buck the trend, now have two blogs. Or 1.5, since I am not whole owner of this, the blog I share with my wife.

My new blog is to be found at joshuakugler.com. It is a blog that will focus mainly on tech stuff: programming, system admin, and computer topics in general.

And I have a new e-mail address, since bigfoot.com, after years of use, seems to now be having major technical problems. I am now reachable at:

joshua@joshuakugler.com

I hope you'll visit!

In my job at EE Internet, we do a lot of remote data collection, including collection from cameras. Now, the makers of these cameras have figured out how to put the date and time as a graphic in the image itself (Umiat Airfield) but for some reason they haven't figured out how to embed that same information in the EXIF Data for that image. Very aggravating.

So, Python to the rescue. I came up with a script that extracts the area given, converts it to black and white, inverts it (because these cameras have light text on dark background, and OCR doesn't seem to like that), and then feeds that file to a command-line OCR program. It then takes that text, parses it for the date, and then prints it out in any date/time format desired. Works quite well.

Here it is in all its glory.

Comments, improvements, critiques, etc., are always welcome. And yes, you can post comments pointing to another program/project/whatever that does what I did and does it way better.

• It requires Python's PIL image library


• It defaults to using the gocr command. This is available in the 'gocr' package in Ubuntu. It also seems to work well with ocrad, which is also available in Ubuntu.


• There should not be any symlink vulnerabilities in this as the exclusive lock is kept on the file while there is data being written to it. Once the data is written, and the file is closed, then it is passed to the OCR program as an input file. Then, it is removed.
  

UPDATE: Modularized it so you can call it from the command line, or import it into your own Python script and call it that way.

In response to Tristan's post which is in response to Aaron's post, the logo for Canonical is probably not accidental. Merriam-Webster defines canonical as:

of, relating to, or forming a canon

And a canon is:

a : an accepted principle or rule
b : a criterion or standard of judgment
c : a body of principles, rules, standards, or norms

But it also says canonical means:

conforming to a general rule or acceptable procedure

Which Canonical most certainly doesn't. Well, it may conform to free software, but certainly not to the widely accepted practices of proprietary software.

So, Canonical is a cannon designed to change/improve/destroy the currently canonical definition of how software is supposed to be created, sold and supported, thus forming the new software development canon? Sounds good to me.

It's nice to see Dell promoting Linux now that they are selling machines with Linux pre-installed. For a quick overview on what this Linux and Open Source thing is all about, take a look at this short video.

(Via: Joey Stanford)

For those of you who have been wondering what this "RSS" thing is, and who don't really know what I mean when I say "subscribe to updates from my blog," Common Craft has a cute little video entitled "RSS in Plain English." Check it out below, and if you have any further questions, drop me a line via the contact page.

Click To Play

Melissa Draper points out that every has their reasons for not adopting Linux. Whether it be the software they have to use, the hardware, or other reasons.

But she raises an interesting point: if your Linux-adoption hurdle is hardware compatibility, it is very likely you could buy Linux-compatible replacements for less than the cost of a Windows Vista upgrade. So if your hardware is keeping you from giving Linux a try, check out alternatives...it might be cheaper in the long-run.

It's happened! Dell has officially said it will support Linux! And what distribution will they officially support? Why, Ubuntu, of course. Details are still filtering out. Keep watching.

For details released before the official word, see this Desktop Linux article.

Woohoo!

UPDATE: More information on the Ubuntu site as well as the Dell site.

Mike Kruckenberg writes about a talk given at the 2007 MySQL User Conference. It seems the United States Navy is using MySQL running on four-node Linux cluster to handle operations aboard one of their aircraft carriers. Great to see Open Source getting its sea legs. Or is that improving its sea legs? Anyone know of other "nautical" Open Source applications or deployments?

The Firefox web browser has an extention called IETab which enables you to open a tab and browse websites via Firefox, but using the Internet Explorer rendering engine. This can help, for instance, if a site staunchly proclaims itself "IE only" and will not make changes for alternate browsers. Over at Hacking for Christ, Gervase Markham has a post entitled "IETab Considered Harmful?". He references the Slashdot article about MovieLink suggesting that users use IETab so MovieLink doesn't have to go to the "trouble" of making their web site Firefox compatible. Gerv observes:

The harm is that this 'solution' still excludes everyone on a Mac or on Linux, and its availability also makes the site far less likely to change to support Firefox properly. In other words, whereas before Mac and Linux users could add Windows Firefox users to their numbers when petitioning sites to upgrade to support web standards, the existence of IETab divides those two groups and gives those of us using non-Windows operating systems, and those who want to see sites supporting standards properly, far less clout.

Very true. The problem I have with IETab, however, is one of security. If you are using the IE rendering engine, you are opening yourself up to all the problems, standards non-compliance, and security holes you'd have if you used Internet Explorer directly. I keep telling friends, family, clients, and colleagues to use Firefox for better security. If there are sites out there encouraging users to "just install IETab to use our site," most of that security advantage will be negated.

At the conservative end, I think IETab should carry a big, fat warning along the lines of "This plugin is for development and testing only! Using it may compromise your system's security!" On the extreme end, I would have it done away with altogether. If you need multiple versions of IE for testing, on the Linux side of things, there is IEs4Linux, which allows you to install and run multiple versions of Internet Explorer on your Linux machine. I'm sure there is something similar for Windows. For Mac, you're still stuck, as IE no longer is available for Mac (at least last I checked). I suppose you could install Linux under Parallels and then install IEs4Linux.

So, yes Gerv, IETab is harmful, but not only for the reasons you bring up.

Izzy has a good post about security, viruses, and myths. In it, he explores the "age old" question as to why there are no viruses for Macs. While, in the past, the answer may have been market share, the main reason now is the same reason there are no viruses for Linux, Solaris, or any operating system with a strong security model: You. Simply. Can't. Write. One. At least not one that will have any measureable affect.

Why? Two words: security model. In the non-Windows world, users run as normal users, and not as administrators. Any application or script compromised can only modify files owned by that user. Any attempts to modify system files or system binaries will be denied. Now, Windows Vista is supposed to solve some of this by making a user run as a normal user, and prompting for additional privileges when needed, but I've read it's so annoying, people are turning the feature off and running as administrator.

Another reason: bad software design. Example: scripts in Word documents and in Lookout, er, Outlook e-mails that run without user intervention, and e-mail themselves to everyone in your address list. Yes, KDE4 will have DBus-in-everything-even-your-toaster^®, but to my knowledge, scripts attached to e-mails will not run without user intervention. And if you run a script or binary attached to an e-mail, you had better know what it is (there are also the holes in MS products that can be used to lie about the type of a file: calling an executable file a jpeg, for instance).

Another choice that makes Linux a little bit more secure (not sure about Mac) is that any file on a web site or in an e-mail is either opened by the application that can view it (not execute it) or it must be saved and have its execute permission set. No accidentally executing a program attached to an e-mail here. Granted, you could say, "Open this EXE attachment with Wine" (a windows emulator) or, "Open this Python script attachment with the Python interpreter," but again, you must take an explicit action, and are warned that opening an attachment can compromise your system's security. [Disclaimer: I've not checked the behavior of Kommander scripts for KDE. Clicking on one may offer to open them with the Kommander script interpreter.]

But even if you open an attachment with malicious code, it is running as your user, and no files can be modified other than your own. Conclusion: the virus can't spread on the system, and it can't infect system files. The worst it can do is replicate itself (poorly) to the user's files and maybe other people in the user's address book. It can't install itself as a system service, install a key-stroke logger, or other such malicious behavior.

Note: If you have scripts in your home directory which you run as administrator, make sure they're owned by administrator and not by you. Hmm...need to check my ~/bin. But then again, if you have scripts in your home directory that you run as administrator, it probably means they are custom scripts that would be very hard to write viruses for anyway.

So, it all comes down to security and how it is enforced. If Microsoft wants a secure system, they should write an emulator for backwards compatibility, throw away Windows, and start from the ground up to design and write a secure operating system.

Paul Graham says so. I'll not belabor the point, other than to agree, but when "up and comers" have no sense of "fearing Microsoft," and when those in the tech know-how are all using Mac and Linux, Microsoft is dead. The leading edge eventually becomes standard operating procedure, and Mac and Linux will continue to be adopted on a wider scale.

Those of us who have been through software development, or sat through a software engineering course, learned about many different software development models: Waterfall, Iterative, etc. Larry Wall, the creator and "chief programmer" for Perl came up with a new one when asked "What criteria mark the closure of perl6 specification?"

It seems you are presuming a Waterfall model of development here. We're not doing the Waterfall, we're doing the Whirlpool, where the strange attractor whirls around with feedback at many levels but eventually converges on something in the middle. In other words, a whirlpool sucks, but the trick is to position your whirlpool over your intended destination, and you'll eventually get there, though perhaps a bit dizzier than you'd like.

I'm sure we'll see it in all the major text books in a few years.

You have a few hundred old computer mother boards. Your company needs a sign for their new lobby. What do you do? If you're the geeks at ServerBeach, you spend twelve hours on a weekend, and come up with the the most beautiful lobby sign I've seen anywhere.

Certainly something that will make any geek catch his or her breath at first sight.

Izzy just alerted me to a 10-day old story on the tech news site "The Register" that points out the E-Bay hole I blogged about, and names me as the one pointing it out. I also blogged about the hole getting fixed.

It's always nice to be mentioned on a large site.

Way back in the early days of my interactions with the Internet (1996), I started learning the Perl programming language. I had a client who wanted to create a database-driven web site, and before I realized I had no idea how to do that, I said, "I can do that." Well, my search (probably on the term "CGI") led me to CGI Programming on the World Wide Web by Shishir Gundavaram. Since that book used Perl, I learned Perl, my first "real" programming language (I had learned a little bit of C64/MS Basic before that).

Fast forward ten years. By now I've done a few database-driven web sites, a few C/C++ projects, and a fair bit of database design and programming (in Visual Basic). Should mean I'm a Perl hacker for life, right?

Well, maybe not. Around the end of last year, I had just completed a 500 line script in Perl that extracted data from files, and generated pages and diagnostic data. After that, I realized that I did not want to code my entire Master's project in Perl. Keeping track of the data structures became a nightmare, and I realized how much I struggled to wrap my mind around the syntax, instead of it coming naturally and efficiently. I needed something better...at least something that worked better for me.

[I pause here to note: this is not a flame against Perl. As I stated, I used Perl for 10 years, and enjoyed using it, and was very productive using it (at least in smaller scale projects). I just came up against a project and domain where Perl wasn't the best fit for me. It may very well have been the best fit for someone else. We now return to our regularly scheduled blog entry...]

I'm familiar with a lot of languages, but as stated, have only used Perl, Visual Basic, and C/C++ in any real capacity. I had heard a lot about Python, and knew enough to know that I'd probably enjoy the way it's set up. I like organization, and one of the ways Python organizes things is by using indents to denote blocks of code: all code at a particular level of indent is in the same block. An example, using classes, methods, and 'if' statements.



And there you have a fully functional python class. Python's class syntax is so intuitive to me that I've used (that is written) more classes in Python in the past few months than in all my years of Perl programming. In addition, I find the syntax to use objects in Python to be more natural, and less to type for that matter.

-- '.' instead of '->' as the object accessor. It's just easier to type.
-- Calling the class name as the constructor instead of PackageName->new() makes more sense to me.
-- Declare a class with 'class ClassName' instead of the several lines it takes to define a class in Perl

There are other reasons and areas as well where the syntax, semantics, and philosophy of Python just makes more sense for me, and I may write on those in a future post.

You can read my evaluation and reasons (complete with Typos) which I wrote for my boss and coworker to justify coming up to speed in a new programming language for my Master's/Work project.

To sum it all up, "I'm really liking and enjoying Python." I rewrote that aforementioned 500 line script, and added even more functionality, and ended up with not much more code. The language was very natural to learn, and it was very easy to come up to speed with the functions I needed. I've written about 1000 lines line python so far...I think I've hooked.