Christopher Swenson

I decided to finally sit down and read the short story The Call of Cthulhu, by H.P. Lovecraft the other day. Turns out that it is pretty much in the public domain (this is actually a matter of some debate, but all the evidence I have found on the Internet seems to point pretty squarely that the copyrights expired long ago).

Anyways, I often wish to read works that were published in print, well, in print. I found the complete text on Wikipedia, but it feels kind of lifeless. Something like Lovecraft just feels like it should be in print, you know?

Since I like to think I'm not completely terrible at typesetting, I typeset it. At least, I typeset it enough to where the experience of reading it on paper makes me feel like I'm getting something. It's still somewhat of a minimalist typesetting.

Assuming that the original text is in the public domain, I hereby release the PDF and source of it into the public domain.

The Call of Cthulhu (PDF)
The Call of Cthulhu (InDesign Source)

For you people who care about things, the title font is Lucida Blackletter, and the text font is Warnock Pro (one of my favorites) set at 11pt, for that classic feel. It was set in InDesign CS3 for standard letter paper (14 pages at 8.5 × 11"). It's double-column for easier reading. Nothing fancy.

Maybe there will be more to come in the future?

A problem I've always had: WordPress blogs transmit passwords in the clear by default. The only way to remedy this was to break down and buy an SSL certificate for each of your WordPress blogs.

Until now.

I wrote a simple Greasemonkey script for Firefox that secures your password as it is transmitted to any WordPress site. Click here to install it (assuming you are running Firefox and have Greasemonkey installed). It seems to work with WordPress version 2.4 or better (possibly earlier … I just haven't tested it with them).

Naturally, I had to modify the WordPress change password screen. Assuming you are logged in, just go ahead and go to change your password to a new secure one. Notice the "SECURED" text that indicates that the script is working its magic.

Now, if you log out, you would normally see this login screen:

However, with the new script installed, it should look like this (note the word "Secure" has been added to the login button).

After you type in your password and click on the "Secure Login Button", the script automatically rewrites your password by hashing it (with a salt), which will produce an identical output for an identical input on the same site. You can see it in action here:

Technical notes:

• it replaces your password with a SHA-1 hash of the SHA-1 hash of your password appended with a salt. Nothing too fancy.
• The salt is the DNS name of the web server you are connected to. This way, your password for different sites will have different hashes.

  If you didn't do this, and just used a plain hash for your password, then this would not really give you too much security. For example, if you really think that your password "secret" is made more secure by using the MD5 hash of it instead, just do a Google search on the hash (dd02c7c2232759874e1c205587017bed) to see how secure your password really is.

• This is important: you will have to have the script installed on every computer you expect to login with. The password is permanently changed to be a hash, and if you could still login with the old password, that would be silly.
• You have to login normally first (Greasemonkey script off) with your old password, and then change the password with the Greasemonkey script turned on. Then, just leave it on.
• The script is licensed under the BSD license, so it is easy to adapt to your own purposes. Feel free to do so.
• I will also make this into a WordPress plugin if there is a desire for that. (I actually prefer having it as a Greasemonkey script so that I know that it is working and hasn't been changed, but I know some people don't want to use Greasemonkey to do this.)
• A Twitter version is also in testing and cleanup (Twitter does secure your password when you login, but not when you change your password).

If you like what you see, then click here to install the script.

If my writing seems sparse here lately, it's because I've been writing a bit more on the High Def Delight blog, an HD-centric blog hosted by b5media. Check it out.

Being a good consumer, every year or two I get the urge to upgrade my PC. "Do I need more RAM? A better CPU? Well, if I get those I might as well get a new motherboard, and …", etc. I'm sure many of you are familiar with this drill.

But, during my last few bouts, I've realized that there is no good reason for me to upgrade. This doesn't make sense! My current PCs were bought in 2005 and 2006, so should be getting to be ancient by now, right? I mean, my 1998 PC was a 166 MHz, 32 MB RAM piece of crap, and by the end of 2000 I was screaming along with with a 1 GHz behemoth with 256 MB RAM. That's 600% the raw processing power, and 800% the RAM in TWO years. Granted, the 1 GHz machine probably cost me an extra order of magnitude, but things were moving fast then.

Now, my 2005 laptop is a first-gen MacBook Pro: 2GB RAM, 2.16 GHz (32-bit). Three and a half years later, what would I get? 2GB RAM and 2.6 GHz (64-bit). What? That's an increase of 0% for RAM and 20% in almost twice the time of my 1998 to 2000 upgrade.

And we can stretch that back. The Intel Core's immediate predecessor in the Pentium M series (the successor is the Core 2). I had a 1.6 GHz Pentium M in my laptop back in 2003. So, the current top-of-the-line laptop isn't even twice the CPU that my laptop was five years ago. To be fair, the newer ones have two cores, but each of those cores is only 75% faster than five years ago.

We've fared slightly worse on desktops: my late-2006 PC is a first-gen Mac Pro: 2GB RAM (upgraded to 6 GB now) with 4 × 2.66 GHz processors for about $2600. Today, I'd get 2GB RAM, and an 8 × 2.8 GHz processors for $2800. An increase of $200 (‽), 0% RAM, and (theoretically) 210% CPU (in reality, the difference is probably more like 10–20%).

Sorry, but I'm not dropping nearly three thousand bones for something nearly identical to what I bought a couple of years ago.

I guess it will be at least a few more years before I upgrade.

Note that this doesn't address video cards: these have gotten ridiculously faster in the last few years. But I don't care as much, since my user experience on my computer is primarily 2D (don't play many games. But, when I do, my older, cheaper GPU can keep up enough to make me happy).

I don't know about you, but I really despise Word files. I hate dealing with them: they are bulky and slow, and full of potential problems. Even with Office 2008 for my Mac, they are a pain.

PDFs on my Mac are, however, pretty nice. As long as they can be loaded with the OS X's Preview application (99.9% of the time), they are snappy and quick to search. I have fallen back in love with PDFs on my Mac.

Why back in love? Well, in Windows, PDFs were a pain-in-the-ass. Acrobat was slow, would crash my browser, and just looked so unnatural. I understand there are alternative readers out there now (like Foxit) that solve some of these problems in Windows. In OS X, there's Preview. They aren't so bad anymore. I recall that someone once said that PDFs are the land mines of the WWW (due to the shouts of "Nooooo!!!!!" when you accidentally click one and have to load Acrobat).

So, a big "duh" moment came for me a few months ago when I realized that taking huge, complex documents that were written in Word (and some HTML documents) and printing them to PDF would save me so much hassle and pain. (For example, the 3GPP publishes all of their documents in Word.) I must say that it makes it so much easier to keep more of the documents open, easier to browse them, and I don't have to worry about accidentally modifying them while they are open.

Word 2008 is even nice enough to let you save directly to a PDF in the "Save As" dialog. This appears to be just a shortcut to OS X's built-in Print to PDF ability, but it saves a few clicks.

It's noteworthy that, for some documents, I might still have to open up things in Acrobat. My taxes, for example, have to be done with real Acrobat, since the text boxes were not created very well, and break in Preview. But with Acrobat 8 we have proper subpixel anti-aliasing on the fonts, and it's fairly snappy, so it doesn't bother me too much.

Acrobat 8 Reader on Windows, though, I've had a lot of trouble with. Specifically, WinShell (my LaTeX editor) will crash it constantly when it notifies it of an update to the PDF created by LaTeX.

It's been quiet here lately. I've had a lot of projects going on that occupy most of my time in the evenings and on weekends.

One of these is a new blog I will be writing for, so expect news of that in the next few days. I've been putting together a chapter for a book, working on my dissertation, working on new web sites, and a whole slew of other activities.

Once some of this stuff starts taking off (and out of my plate), I will have more time to post.

So, I want this post to have some meat. Well, one of the things that has been occupying my time lately has been programming things for my dissertation, particularly in Python using scipy.

Scipy is great. What is not so great about it is two-fold: everyone else uses MATLAB (or the free alternative, GNU Octave), and there is practically no documentation on scipy. Scipy has a bunch of packages that emulate various toolboxes from MATLAB, but what makes matters worse is that sometimes it doesn't implement all of a package, or it implements it strangely.

How so? Well, MATLAB doesn't differentiate between a 1x1 matrix and a number, and you can use them interchangeably. Scipy is much more strictly typed, and you can't just mix and match. Nor can you mix and match complex numbers, reals, etc. Also, MATLAB numbers all lists, matrices, etc., starting with 1, and scipy use's Python's conventions of starting with 0. This makes a lot of MATLAB example code you for something you are doing annoying to port over to scipy.

One great resource for this is NumPy for Matlab Users. Not only does this tell you how to convert many common MATLAB operations to scipy, but it gives you an idea of what you can do with scipy.

Both tools are excellent, if a little difficult to get working on Mac OS X.

A quick tip for MATLAB users: MATLAB has a great function for cross correlation, called xcorr. The scipy.signal package includes a function, correlate, that is almost, but not quite, completely incompatible with the xcorr function. So, I reimplemented the MATLAB xcorr in Python, as follows:

 
def matlab_xcorr(x, yy = None):
  # if no y, compute the autocorrelation of x
  y = yy
  if y == None:
    y = x
 
  n = len(x)
  c = zeros(2 * n - 1, complex)
  for m in range(1, 2 * n):
    c[m - 1] = cxy(x, y, m - n)
 
  return c
 

Hopefully someone might find this useful, if they are suddenly frustrated by the lack of xcorr in scipy.

BTW, I recently switched to writing Python code Google-style, and have never looked back.

I finally successfully hacked my D-Link VTA-VD (Vonage Terminal Adapter) 1.00.09 firmware to work with an arbitrary SIP server. (Although I've kept it at the 1.00.07 firmware once I successfully downgraded).

I relied heavily on these two posts. I definitely would have had a hard time doing it without them.

First, you can just hope that your D-Link has the Support account unlocked. Usually, the password will either be blank, or it will be "tivonpw", and the user name is "Support".

If that doesn't work, you can try the URL trick: login as "user" (usually the password is "user"), and then send it a URL of the form

http://192.168.0.2/cgi-bin/webcm?getpage=/usr/www_safe/html/home/home_system.htmvar:OldProvisioned=on&=&var:OldUnProvisioned=on&=&var:isFirstTime=no

where you change the IP address, and alternate between "on" and "off" for the "OldProvisioned" setting in the URL. Eventually, you should get both the "Provisioned" and "Non-Provisioned" reset check boxes checked. Once you do, tell it to do a factory reset. Hopefully that will work. (It may take several tries, as well as a hardware reset or two (by pressing the reset button).)

That didn't work for me. If that doesn't for you as well, you are in for a bit of work. You will need a DHCP server, a DNS server, a TFTP server, and Wireshark. I have OS X, so I used Fink to install a DHCP server (called "dhcp") (rather than futz with OS X's built-in one) and the DNS server (I used BIND, listed under "bind9"). So, first, set up your DHCP server with a nice subnet like (in /sw/etc/dhcpd.conf):

subnet 192.168.0.0 netmask 255.255.255.0 {
  range 192.168.0.2 192.168.0.2;
  server-name "192.168.0.101";
  option routers 192.168.0.101;
  option domain-name-servers 192.168.0.101;
}

Where 192.168.0.101 is the IP address of your box, 192.168.0.2 is the address of your VTA that you would like to hack. If it complains when you start it up about some file being missing, just run sudo touch /var/db/dhcpd.leases.

Now you need a DNS zone. If you are on OS X, just drop this line into your /sw/etc/named.conf:

zone "vonage.net" {
    type master;
    file "/sw/etc/named.vonage";
    notify no;
};

And then create a file /sw/etc/named.vonage with the following junk in it (again, the 192.168.0.101 should be your server):

$TTL    604800
@   IN  SOA vonage.net. root.vonage.net. (
                  1     ; Serial
             604800     ; Refresh
              86400     ; Retry
            2419200     ; Expire
             604800 )   ; Negative Cache TTL
@   IN  NS  ti.tftp.vonage.net.
ti.tftp.vonage.net.      3600000      A     192.168.0.101

While you are at the command-line, go ahead and launch the built-in TFTP server with the command sudo launchctl load -F /System/Library/LaunchDaemons/tftp.plist. You can unload it later with sudo launchctl unload /System/Library/LaunchDaemons/tftp.plist. The TFTP folder is in /private/tftpboot.

You have Wireshark installed by now, right? Good. Now, plug that router into your machine (not connected to the Internet), and sniff all of the traffic using Wireshark. After about a minute or so, you should see a TFTP request come in for a file called at ti.tftp.vonage.net at "/adsfadf/ti00179A------.xml", where the junk at the beginning is some random junk, and the "00179A------" is your MAC address.

Now, go out on the Internet, and grab that XML file from Vonage at http://httpconfig.vonage.net/adsfadf/ti00179A------.xml (again, replacing where necessary), and upload the XML file to that same folder under /private/tftpboot on your server. Don't bother trying to read it... it's apparently encrypted with RC4 (and you can recover the key later). Now the VTA will either find the file on its own, or you may just reboot it again and it will search for the file and find it on your "Vonage" TFTP server.

Ha-ha! Now you should be able to login as "Support" (either no password or "tivonpw" as your password, again).

Now, you need to get a copy of the 1.00.07 firmware to downgrade. Login to your box with the Support account and upload it!

Now, it does have two firmware slots, and it seems to have a tendency to boot up into the 1.00.09 firmware for no reason, so if that happens, upload the 1.00.07 firmware again.

Okay, home stretch. Configure it with a static IP (trust me... it's easier). Now find a Windows box (ugh) and get the beta copy of CYT 4.6 (I couldn't get the stable one to work, at least). Open up the program from the command-line with "DLINK" as a command-line parameter (like, cyt46.exe DLINK). Set the IP address of your device (option 3), and then go to option 1 to reset the password and start an XML provisioning server.

I'm not sure what all kind of magic is going on here, but something is. (I also had my Windows box as the DNS and default gateway, too, which may or may not have helped.) Eventually (after about a minute or so), it should report success. I had to reset it and do this again for it to take.

And after that, you should be able to configure the device for an arbitrary SIP server by logging in with the Admin account ("Admin" is the default password, case-sensitive).

I have been a pretty big fan of Verizon FiOS ever since I got it last August. The Internet has not ever gone down that I can recall, TV quality is excellent, and it's competitvely priced.

However, there are a few things that you probably don't know about FiOS, as I didn't until I spent a couple of hours of my evening playing around and on the phone with tech support.

That Ethernet port on your FiOS box? It doesn't work. Your ONT (the boxy thing that provides the FiOS magic) has a multitude of ports: incoming fiber, and outgoing coax, two phone ports, and an Ethernet port. It is not possible to use both the coax and the Ethernet port at the same time.

FiOS TV gets its listing and on-demand setting from the Internet. This has some interesting implications. I am really curious how this works if you have FiOS TV, but not the Internet plan?

FiOS TV requires the coax port. Well, duh, right?. But, when combined with the previous notes, that means that, if you have FiOS TV service, you cannot use the Ethernet port.

FiOS uses bandwidth on that coax cable from 1 to 1150 MHz. According to my router, it uses somee range under 1000 MHz for Internet service, and 1001 through 1150 MHz for communicating with FiOS TV. Note that a lot of cable splitters only go through 900 MHz, so be careful if you start using your own.

Only about half of the tech support guys were helpful when I called (one did not know several of these points when trying to diagnose what my problem was), so watch out if you need to call.

I never noticed it before, but many of the resources that I either own or would love to own regarding PDF, PostScript, MetaPost, etc., are all available for free online!

• Mathematical Illustrations: A manual of geometry and PostScript by Bill Casselman
• PostScript specifications from Adobe
• PDF specifications from Adobe
• The source code from The LaTeX Graphics Companion (2nd Edition) by Michel Goossens, Frank Mittelbach, Sebastian Rahtz, Denis Roegel, Herbert Voss.

Enjoy! I know I will.

I recently switched over this blog, and soon the rest of my sites, to Bluehost.  They seem to support all of the features I need (RoR, PHP, shell access, multiple domains, decent bandwidth and storage) for a reasonable price.  It's not virtual dedicated, but it's not priced like virtual dedicated either.

So far, I am liking it quite a bit, though I have not played around with the Rails bits yet, though I will quite soon, as several of my current projects use it.