• Shortcuts : 'n' next unread feed - 'p' previous unread feed • Styles : 1 2

» Publishers, Monetize your RSS feeds with FeedShow:  More infos  (Show/Hide Ads)


Date: Friday, 18 Apr 2014 14:19

Django authentication has security roles and CRUD permissions baked in from the get-go, but there’s a glaring omission: those roles, or Groups, are expected to be loaded by some competent administrator post-installation.  Groups are an excellent method of assigning access control to broad roles, but they don’t seem to be a first-class concept in Django.

It seems that you can kind-of save these values in by doing an export and creating a fixture, which will automatically re-load at install time, but that’s not terribly explicit – not compared to code. And I’m not even sure if it will work.  So here’s my solution to programmatically creating Django Groups.

management.py, which is created in the same directory as your models.py and is automatically run during python manage.py syncdb:

from django.db.models import signals
from django.contrib.auth.models import Group, Permission
import models 

myappname_group_permissions = {
  "Cinema Manager": [
    "add_session",
    "delete_session",
    "change_ticket",
    "delete_ticket",         # for sales reversals
    "add_creditcard_charge", # for sales reversals
    ],
  "Ticket Seller": [
    "add_ticket",
    "add_creditcard_charge",
    ],
  "Cleaner": [ # cleaners need to record their work
    "add_cleaning",
    "change_cleaning",
    "delete_cleaning",
    ],
}

def create_user_groups(app, created_models, verbosity, **kwargs):
  if verbosity>0:
    print "Initialising data post_syncdb"
  for group in volunteer_group_permissions:
    role, created = Group.objects.get_or_create(name=group)
    if verbosity>1 and created:
      print 'Creating group', group
    for perm in myappname_group_permissions[group]: 
      role.permissions.add(Permission.objects.get(codename=perm))
      if verbosity>1:
        print 'Permitting', group, 'to', perm
    role.save()

signals.post_syncdb.connect(
  create_user_groups, 
  sender=models, # only run once the models are created
  dispatch_uid='myappname.models.create_user_groups' # This only needs to universally unique; you could also mash the keyboard
  )

And that’s it. Naturally, if the appropriate action_model permissions don’t exist there’s going to be trouble.  The code says: After syncdb is run on the models, call create_user_groups.

Author: "josh" Tags: "General"
Comments Send by mail Print  Save  Delicious 
Date: Friday, 18 Apr 2014 01:07
unable to mount samsung_android: error initialising camera -1 unspecified error

Screenshot of the error message

Unable to mount SAMSUNG_Android

Error initialising camera: -1 Unspecified error

So this is the error message I get when plugging my Samsung Galaxy S2 into the USB port on my Linux boxen, all running Linux Mint Maya running the MATE desktop (Ubuntu 12.04). 

PTP_transfer_enable The answer is, of course, you need to enable PTP transfers, rather than MTP transfers.  MTP transfers work great for Windows or Mac, but not Linux.  On your phone, drag down the Notifications screen, then under “Ongoing” you’ll find something about “other USB options”.  Select that and you can pick the PTP transfer.

Per the notes on how to take a screenshot on a different phone, I took a screenshot of the final screen. Getting the screenshot onto my computer, that was a whole world of hurt.  Settings | More Settings | USB utilities | USB mass storage needs to be turned on, otherwise the file browsing from Linux shows only the directory structure, no files whatsoever.

Of course, Cathy’s HTC Desire, it Just Works.

Author: "josh" Tags: "Android, Linux"
Comments Send by mail Print  Save  Delicious 
Date: Tuesday, 08 Apr 2014 08:54

To recap: I’ve got two old 2008 Mac Pros. Lovely machines. The video card in one went bung (possibly power problems).

As a workaround I’ve been using a friend’s spare ATI Radeon 3870, which only works in Windows, not OS X.

I’ve just bought an upgrade: an nVidia GeForce GTX 480. Very nice. A beast of a card, too, very impressive looking. Got it on eBay from a bloke in NSW selling under the name “Mac PC Parts” for about A$270, which is a bit cheaper than the official Apple upgrade — which is no longer available anyway — and a LOT cheaper than any of the new cards at OWC or other etailers and retailers that I could find.

Mac Pro, video card installed

A note of caution to fellow Mac Pro 2008 users: it appears to be near-impossible to get the card out once plugged-in, due to the placement of the PCIe catch on that model of Mac Pro. It might explain why later models went to a bar thingy which is easier to get to. This also means it’s worth plugging in the two power cables before the card goes in.

Anyway, the card has taken the graphics rating in Windows 7′s Performance index thingy from 5.1 to 7.9. It even seems more responsive for regular web browsing.

There’s a certain amount of geek pride in getting each item, one by one, to the top of the scale.

But given the weak point is now the hard drive, it would seem that the next upgrade needs to be a new hard drive/SSD.

Windows performance index

But the main reason I wanted to get it was to get this computer running OS X again — son the elder is getting familiar with it at uni, and may need to run OS X-specific software again soon.

Alas, plugging in the OS X drive and trying to boot off it got me a “Operating system not found on disk” error. It would seem the Microsoft gremlins got onto it.

The disk doesn’t have anything important on it anyway, so stand by for updates as I figure out how to wipe it and rebuild OS X.

Author: "daniel" Tags: "Mac, OS X"
Comments Send by mail Print  Save  Delicious 
Date: Sunday, 30 Mar 2014 03:30

I’d been looking for something like this for ages, but must have been Googling the wrong terms.

How to get the contents of an Excel spreadsheet into a simple, no-format, plain HTML table:

No-Cruft Excel to HTML Table Converter

Genius.

Author: "daniel" Tags: "Excel, HTML-CSS"
Comments Send by mail Print  Save  Delicious 
Date: Friday, 21 Mar 2014 22:17

A lot of AU companies are revising their privacy policies at the moment, in line with new legislation.

I found this one amusing.

Melbourne IT: New privacy policy

Author: "daniel" Tags: "AU, Privacy"
Comments Send by mail Print  Save  Delicious 
Date: Monday, 03 Mar 2014 14:31

- and presumably 8.

There’s various convoluted steps to get LAN play working on more recent versions of Windows.

Mount the ISO on your hard drive, and use the somewhat unstable Microsoft supplied ISO mounting program to fool the program into thinking you CD is in a CD drive.  Install Diablo from here.  This step is not strictly necessary, but it’s so much quicker and cleaner than the alternatives.

Fetch and apply the patch to bring Diablo 1.00 up to version 1.09.  It may also be helpful to pull up the properties of the .exe and enable compatibility mode with WinXP Service Pack x. When fetching patch, get it for the version you’re installing – much confusion is caused if you get the spawned Diablo patch and apply it to the full version.

Go and get IPXWrapper, and per the instructions drop the DLL files into your Diablo directory. If you have a heterogeneous environment, all machines need to use this wrapper – IPXWrapper is a translation layer than transforms IPX into UDP, and without it IPX aware OSes like WinXP won’t see the network traffic of the IPX unaware OSes like Vista.  Punch a hole in your Windows Firewall to allow UDP port 54792.

To fix the palette issue, you might want to wrap the exe in a batch script to kill Windows Explorer whilst you’re playing Diablo.

See?  Easy.  Doesn’t take more than a few hours if you don’t know what you’re doing.

Author: "josh" Tags: "Games, Nostalgia, Windows"
Comments Send by mail Print  Save  Delicious 
Date: Thursday, 27 Feb 2014 06:45

I couldn’t find anyone extracting out the geolocation geotagging EXIF data from their photographs so they could pull it up on something like Google Maps.  There are stand-alone programs with embedded maps, but the bits and bobs lying around on the average system ought to be enough to just generate a URL to a mapping website.  The following bash script echoes the  URL that geolocates your JPEG.  Because my camera doesn’t emit it, I couldn’t be bothered dealing with the seconds part of a location, but I did detect that you don’t have a camera the same as mine.  Drop a line if you’ve used this and fixed it.

#!/bin/bash
# emit a hyperlink to google maps for the location of a photograph
declare Seconds=""
Seconds=`exif -m --ifd=GPS --tag=0x02 $1 | grep -oP "[\d|\d\.]+$"`
if (( $Seconds=='0' ))
then
  Seconds=`exif -m --ifd=GPS --tag=0x04 $1 | grep -oP "[\d|\d\.]+$"`
fi
if (( $Seconds!='0' ))
then
  echo
  echo "Script does not support seconds being specified"
  exit
fi
echo -n "https://maps.google.com.au/?q="
declare NorthSouth=`exif -m --ifd=GPS --tag=0x01 $1`
if [ "$NorthSouth" == "S" ] 
then
  echo -n "-"
fi
echo -n `exif -m --ifd=GPS --tag=0x02 $1 | grep -oP "^[\d|\d\.]+"`
echo -n "%20"
echo -n `exif -m --ifd=GPS --tag=0x02 $1 | grep -oP "(?<= )[\d|\d\.]+,"`
declare EastWest=`exif -m --ifd=GPS --tag=0x03 $1`
if [ "$EastWest" == "W" ]
then
  echo -n "-"
fi
echo -n `exif -m --ifd=GPS --tag=0x04 $1 | grep -oP "^[\d|\d\.]+"`
echo -n "%20"
echo -n `exif -m --ifd=GPS --tag=0x04 $1 | grep -oP "(?<= )[\d|\d\.]+(?=,)"`
echo
Author: "josh" Tags: "Code, Google and Gmail, Images, Linux"
Comments Send by mail Print  Save  Delicious 
Date: Sunday, 16 Feb 2014 01:27

Recently The Age has been hassling me when I get to 30 articles/month. But I’m already a subscriber!

I suspect their code is buggy. Not hard to see how it might be trouble-prone when you see how many Cookies there are: no less than 92.

The Age/Fairfax cookies

Clearing them made the problem go away… for a little while, at least. (Isn’t that how freeloaders fool it?)

Not sure if that’s a permanent solution though. And as a paying customer, it’s very annoying.

Author: "daniel" Tags: "AU"
Comments Send by mail Print  Save  Delicious 
Date: Thursday, 13 Feb 2014 01:53

Anybody else get this warning?

Gmail warning

This article has some more detail — it appears to have only affected GMail mobile/iPad apps.

I’ve checked — nothing seems to have accidentally fallen into the Bin/Trash or Spam folders.

Just goes to show, even GMail/Google ain’t perfect.

Author: "daniel" Tags: "Google and Gmail"
Comments Send by mail Print  Save  Delicious 
Date: Sunday, 09 Feb 2014 03:37

Why do I keep seeing computer-monitor sized Full HD televisions (1920×1080 pixels) with built in DVD players (720×576 pixels)? How much extra would it really cost to make it a Blu-ray and actually use all those pixels?

Author: "josh" Tags: "General"
Comments Send by mail Print  Save  Delicious 
Date: Thursday, 30 Jan 2014 06:35

I’ve had periodic problems with Google Chrome on Windows (Version 32.0.1700.102 m, but this has also happened occasionally in the past); sometimes it will refuse to copy the address bar.

Instead of copying, it will clear the clipboard.

Copying from other places, such as a web page (content or using Right-click / Copy Link Address) works fine.

Not sure if it’s an environmental issue — only seems to happen on my work machine; I haven’t seen the same at home.

Very odd.

Blogging it here because I can’t see any mentions of it online (which might be because it’s just me). Will post back if I find the solution.

Update 2014-01-31: I uninstalled and reinstalled Chrome… it seems to work again, for now.

Update 2014-02-05: The problem seems to have come back. Very odd.

Update 2014-02-20: Some old posts on a related problem seemed to suggest it might be a Chrome Extension causing issues, so I removed all of mine. The problem seems to still be intermittently occurring.

Author: "daniel" Tags: "Google and Gmail, Windows"
Comments Send by mail Print  Save  Delicious 
Date: Thursday, 09 Jan 2014 04:15

For years now I’ve been… less than impressed with the ANZ bank’s concept of how a secure banking website should work. Finally they’ve taken steps to harden their site. They’ve introduced “secret questions”, like “who was your best friend in high school”, “what’s your partner’s nickname” and “what’s your nickname for your youngest child”. At last, my money is now safe from thieves who will never guess that my my partner’s nickname is Cathy, my best friend in High School was Robert, and my youngest’s nickname is Marky. Oh, darn! I accidentally disclosed the answers to those secret questions! It’s as if that information would be widely available to any thief who took the time to look me up on Facebook (don’t bother, I’m not on Facebook).

Because in providing answers to these questions the security on my account was going up, not down, I couldn’t possibly be allowed to opt-out, with dire warnings about being liable for losses if someone found out the answers. To these most basic of questions.

Most other banks have implemented two-factor authentication. Even G-mail has two-factor authentication. But not the ANZ, they’ve stepped things up a notch. They’ve eschewed two-factor, and gone for “You’ll never guess the name of my pet, which I post on Facebook all day long”.

So I took my standard defensive action: attack surface reduction and target-value minimisation. To reduce the attack surface, for each answer I mashed the keyboard – so thieves, remember my first Primary School was in the suburb of pwofkmvosffslkdflsifcmmsmclsefscdsfpsdfpefsdflsd, or something. To minimise the value of the target, I swept all the funds out of the account. What’s wrong the the technique of establishing identity by the production and examination of 100 points of identifying documents?  Why do I need to have a favourite colour?

Cathy worked for the ANZ until recently, and the day she received her final paypacket she shut the account. Hated their account with a passion, but the ANZ is incapable of paying their employees through anything other than an ANZ account. Because, you know, banking is hard.

Author: "josh" Tags: "AU, Site design, Vulnerabilities"
Comments Send by mail Print  Save  Delicious 
Date: Wednesday, 04 Dec 2013 10:44

Here’s how to install mwparserfromhell on Linux:

sudo apt-get install python-dev
sudo apt-get install python-pip
git clone https://github.com/earwig/mwparserfromhell.git
cd mwparserfromhell
python setup.py install

After which, wikitools by MrZ-man is nice for power-users:
svn co https://github.com/alexz-enwp/wikitools
cd wikitools/trunk
sudo python setup.py install

Author: "josh" Tags: "Python"
Comments Send by mail Print  Save  Delicious 
Date: Thursday, 28 Nov 2013 01:50

This must be some new meaning of the word “Completely”.

Author: "daniel" Tags: "Windows"
Comments Send by mail Print  Save  Delicious 
Date: Friday, 22 Nov 2013 12:35

Pygal is a python library for emitting SVG charts. It might do PNGs too; the documentation is… sparse. Okay, there’s no documentation, but they show you several ways to make bar charts, and figure you can follow on from there.  Anyways, the installation instructions don’t work, not under cygwin.

Here’s what you should do:

  1. ensure cygwin has the libs libxml2-devel and libxslt-devel installed
  2. issue the command
    cygwin$ pip install pygal

and you’re done. Getting pip into cygwin is a whole world of hurt, but you will need to go looking for a http (not https) source to download setuptools, then download and run ez_setup.py, followed by using pip to upgrade setuptools. Have fun with that; I know I did.

Author: "josh" Tags: "Python, Windows"
Comments Send by mail Print  Save  Delicious 
Date: Monday, 18 Nov 2013 20:45

I’ve got two old Mac Pros, and on one of them, the Nvidia 8800GT video card suddenly started causing weird errors in Windows.

Nvidia crash

Then it started doing the blue screen of death repeatedly, a crash in nvlddmkm.sys.

Nvidia blue screen

I have no idea why it started happening now — the Nvidia drivers don’t appear to have been updated for months, and Windows Update hasn’t installed anything for almost a week.

Oh well.

Boot into Safe Mode With Networking

Download the latest drivers

Install with Clean Option on

Reboot

Seems now to work, touch wood.

Update 2013-11-19 18:45 — No such luck. It seemed fine this morning, but later on started crashing like before. Investigations continue.

Update 2013-11-19 21:00 — After playing around disabling various things, and puzzling over what might have updated itself (since there was nothing recently installed or patched listed by Windows), I think I may have found the culprit: the Steam client beta (which I’m using to get the family sharing trial). Have disabled this, and Windows seems to be stable again. Will try it for a bit longer, then report findings to Steam.

Update 2013-11-20 — It couldn’t be that easy, of course. And I have dissed Steam without justification. The video card is still playing up — now so much so that:

  • a lovely speckly pattern appears when booting
  • Windows proclaims the video card isn’t working, and automatically puts us into Base Video (640×480) mode
  • OS X won’t boot at all — the GUI presumably tries to come up, then it reboots

Oh dear. Trouble in video card land.

The card is an NVidia GeForce 8800 GT, quite a nicely specced card. I suspect it’ll need replacing, dammit.

Update 28/11/2013: As per the comments I found another spare PCIe card (an ATI Radeon 3870) which works… in Windows. Not in OS X. Even the broken card partially works in Windows, but not at all in OS X.

A workmate pointed me to the Tony Mac x86 web site, where I found a good list of graphics cards compatible with OS X.

Thankfully however this specific machine is mostly used for Windows-only, so there’s no tearing rush. In fact Windows performance index thingy rates the ATI card slightly higher than the nVidia one.

One option is to buy the official Apple-supported Mac Pro video upgrade kit, an ATI Radeon HD5770, which is A$299. Despite the Apple site claiming it requires a post-2010 Mac Pro, plenty of sources indicate it’s fine with a 2008.

Author: "daniel" Tags: "Mac, Windows"
Comments Send by mail Print  Save  Delicious 
Date: Thursday, 14 Nov 2013 08:44

I’ve long regarded JavaScript in the browser to be one of the biggest security holes in web-browsing, and at the same time the Internet works less and less well without it. In 2008 Joel Spolsky made the observation that for some people the Internet is just broken:

Spolsky:   Does anybody really turn off JavaScript nowadays, and like successfully surf the Internets?

Atwood:   Yeah, I was going through my blog…

Spolsky:   It seems like half of all sites would be broken.

Which is not wrong.  Things have changed in the last five years, and now the Internet is even more broken if you’re not willing to do whatever random things the site you’re looking at tells you to, and whatever other random sites that site links off to tell you to, plus whatever their JavaScript in turn tells you to. This bugs me because it marginalizes the vulnerable (the visually impaired, specifically), and is also a gaping security hole.  And the performance drain!

Normally I rock with JavaScript disabling tools and part of my tin-foil-hat approach to the Internet, but I’m now seeing that the Internet is increasingly dependent on fat clients. I’ve seen blogging sites that come up empty, because they can’t lay out their content without client-side scripting and refuse to fall back gracefully.

So, I need finer granularity of control.  Part one is RequestPolicy for FireFox, similar to which (but not as fine-grained) is Cross-Domain Request Filter for Chrome.

The extensive tracking performed by Google, Facebook, Twitter et al gives me the willys. These particular organisations can be blocked by ShareMeNot, but the galling thing is that the ShareMeNot download page demands JavaScript to display a screenshot and a clickable graphical button – which could easily been implemented as an image with a href. What the hell is wrong with kids these days?

Anyway, here’s the base configuration for my browsers these days:

FireFox Chrome Reason
HTTPSEverywhere HTTPSEverywhere Avoid inadvertent privacy leakage
Self Destructing Cookies “Third party cookies and site data” is blocked via the browser’s Settings, manual approval of individual third party cookies. Avoid tracking; StackOverflow (for example) completely breaks without cookies
RequestPolicy Cross-Domain Request Filter for Chrome Browser security and performance, avoid tracking
NoScript NotScripts Browser security and performance, avoid tracking
AdBlock Edge Adblock Plus Ad blocking
DoNotTrackMe DoNotTrackMe Avoid tracking – use social media when you want, not all the time
Firegloves (no longer available), could replace with Blender or Blend In I’ve have had layout issues when using Firegloves and couldn’t turn it off site-by-site
Author: "josh" Tags: "Advertising, Data theft, Extensions, Jav..."
Comments Send by mail Print  Save  Delicious 
Date: Tuesday, 22 Oct 2013 00:42
Author: "josh" Tags: "Coding"
Comments Send by mail Print  Save  Delicious 
Date: Sunday, 13 Oct 2013 11:09

I was watching Todd Sampson‘s Redesign My brain S1E1 Make Me Smarter and noticed the subtitling was annoyingly wrong. FMRI was subtitled as MRI. Baseline became based on – and there was more errors. My hearing’s not super-great, but even I could tell that these weren’t right.

Twice I’ve seen subtitling so bad that I’ve been prompted to find out who did it. Last time it was Jacqui Mapoon at CSI.

This time it was Jacqui Mapoon at CSI. Either Jacqui does a lot of work for CSI and sometimes has bad days, or she does a little work and often screws it up. What are the odds that on the two occasions I notice very bad subtitling, the same person’s behind it?  Subtitling is a very specialized field, so there can’t be that many people doing it, but at the same time a lot of TV is subtitled. I know from personal experience that subtitling takes at least 5 minutes per minute of show, and can take more if it’s particularly speech-heavy. There are a few hours of TV a night requiring subtitles, and it’d take one person one day to subtitle one hour of TV, so there’s probably a few dozen people in Australia doing it; live subtitling is a different specialty. Perhaps work processes need to be changed; I know I proof my subtitling after having done it, and spot errors. Perhaps someone other than the original subtitler ought to do the final proofing? Proof-reading error rates would show whose work needed more attention.

Most of the subtitles that I’ve seen are great – precisely timed transcriptions of the spoken dialogue, either exact reproductions or well thought through précis, contracted just enough to be faithful to the words and the intent whilst also fitting on the screen. For some reason American stuff is all caps unless the character is off-screen. Given so many in this industry can get it transparently right, why does one person’s work repeatedly poke me in the eye? Somebody give Jacqui some training, stat!

Author: "josh" Tags: "TV"
Comments Send by mail Print  Save  Delicious 
Date: Saturday, 28 Sep 2013 06:32

Driverless vehicles are coming. A clear legal framework will make them come all the sooner, and there’s an opportunity to make autonomous vehicles as safe as passenger aircraft.

Don't drive a car like a smuck, get the car to drive you!

Don’t drive a car like a smuck, get the car to drive you!

Make the manufacturer(1) solely responsible for all liabilities incurred by the vehicle, driverless or not. Transfer this liability to anyone who modifies the vehicle without manufacturer approval(2) – covering up sensors, adding systems, modifying software etc. While autonomous, fines for driving infractions are the responsibility of the manufacturer; demerit points are treated as unidentified and the fine for failing to identify the driver is payable by the manufacturer. Annual vehicle registration fees(3) remain payable by the vehicle owner, but third party insurance costs – personal and property – are remitted to the manufacturer, who could be expected to pay you to… not drive the car – if you drive the car, that creates an uncontrollable liability, but if the car drives itself then the risks are only those that are those due to the product, which presumably would lead to product improvement to decrease crashes and injury.

How would you force owners of cars that are the liability of someone else to properly maintain them? Simple; you make the manufacturer cover maintenance costs too – tyres, servicing etc. So now we’re getting to the point where we ask: what are people paying for cars that they only have to cover the running expenses for? How does the manufacturer recoup the cost of maintenance? Doesn’t really matter, but I think you’ll see that driverless cars will only be able to be leased, or hired, or rented, or some other such model. They’d basically be taxis – paid for by time and distance.

Every driverless crash will be investigated by a federal body – the Australian Transport Safety Bureau. To aid investigations, vehicles will be required to detect crashes and refuse to function after them; extensive data logging like on aircraft will be mandated. Because of the lack of humans involved, crashes come down to systems failure and the crash rate should be highly controllable.

 

Fly, KITT, fly

(1) Autonomous vehicle manufacturers might baulk at these plans to make them directly fiscally responsible for their products. Fine; they could instead put an insurance/finance company in as the responsible entity, but whomever is responsible would have to prove to the government their capability to meet their contingent liabilities.

(2) That is, you can hack your car if you want. But if you do, you wear the (potentially quite substantial) risks associated with having done so. Find an insurance company that’s willing to cover you (ha!).

Have you played thePopulation: Tire game? If not, you haven't lived.

Have you played thePopulation: Tire game? If not, you haven’t lived.

(3) Why do we charge registration fees? Owning a car doesn’t impose any costs on society. Driving it does; parking it does. There ought to be taxes on… tyres. The consumption of tyres by a vehicle is roughly correlated to the wear and tear on infrastructure and other externalities. Motorbikes, two tyres; semis eighteen or more. There are already taxes on fuel, again because of externalities – and presumably, because they’re easy-to-levy taxes that are hard to avoid. But infrastructure wear is not a function of fuel consumption, but it is a function of using tyres. The problem with a tyre tax is that people will naturally buy tyres that last a long time, rather than other considerations – for example braking efficiency; to address this some wear factor ought to be applied too.

Author: "josh" Tags: "Future trends, Legalese, Money"
Comments Send by mail Print  Save  Delicious 
Next page
» You can also retrieve older items : Read
» © All content and copyrights belong to their respective authors.«
» © FeedShow - Online RSS Feeds Reader