This is my site. It's ordered mainly in a 'directory' fashion. To navigate, use:
Specifics about me.
After recent news item on slashdot considering easy defeatability of certain type CAPTCHA I set out to investigate risk of easy defeatability of wbcaptcha, figlet based captcha.
First, pixelized image based approach. This could be feasible, but it needs some kind of a rendering system. Probably 'lynx --dump' would do the trick, then searching for something that looks like a captcha and rendering that with suitable, most easily identified font and processing that as a regular image. Most likely selecting color of font and expanding that to make insignificant spaces disappear.
With that approach, there's a snag. Visual text identifying has very big problems with overlapping characters. And with figlet that means option called smushing (and used in probability P(0.5)). I'd say that limits it to at most 50% hit rate, with heavy (at this point of time) calculations and rather complex image analysis. I kinda hope that people capable of doing it are doing better things :)
Another approach would be to simply pregenerate all the letter combinations captcha has, get MD5 sum of them and make database of combination (dictionary attack).
As for the feasibility: wbcaptcha uses 60 different characters in captcha and subsequent characters are independent of eachother (eg. it could be 'aaaa' as well as 'abcd'). It can use 2 different renderings of characters (smushed or plain) and there're several fonts available (I have 5 listed). Default length of captcha is 4 characters (not limited to). This means that there are 60^4*2*5 ~= 13*10^6 possible renderings of captcha with figlet. MD5 checksum is 16bytes in length when stored, if we add to this length of corresponding captcha, this becomes 20 bytes. In total this database would weigh at approximately 260 Megabytes.
That's little. It would probably take little time for some zombiefication software to generate that size of file and query it locally.
Againg, there's a snag. Upping the word length to 5 characters makes database 144Gigabytes in size, 6 characters makes that 8 Terabytes and 7 characters takes 509 Terabytes.
My conclusion is that at this time, with current default settings wbcaptcha can be a push-over defense, but with little hardening it could be rather formidable, if not entirely equivalent to image based captchas.
The equation for database size is
60^(number_of_characters)*2*5*20 bytes. You can easily evaluate it's size in
google, for example: 60^8*2*5*20
bytes in terabytes.
Today's piece of code is a CAPTCHA plugin for blosxom. This one is based on ASCII art (there already is one that generates images) generating 'figlet' program.
You can see the effect by using the 'Post Comment' button below.
Things of note are that you will need to have 'figlet' installed, or alternatively just use the venerable BSD 'banner' program. Second thing is that you should configure wbcaptcha to be loaded before writeback (or other writeback -acting plugin, like wbnotify). So if your writeback is called '1writeback', call wbcaptcha '05wbcaptcha'.
The story.html setup can be tricky unless you use interpolate_fancy, with which it really isn't. Here is sample story.html for wbcaptcha. Look for things having wbcaptcha. Best of all, read documentation for plugin with 'perldoc wbcaptcha'.
You can download wbcaptcha - 2004-10-11 here.
Please note that this plugin only affects incoming comments/writebacks, not trackbacks. For more information please look at blosxom spam prevention wiki page.
I recently pondered wbcaptcha security in a short piece, it may be of interest.
Edit 2004-10-18: Bill Ward made his captcha plugin available.
Edit 2005-8-25: Warning about trackbacks and spam prevention
link.
I packaged libgmail, a python library handling messaging with Gmail for Debian.
Ok, did it actually quite a few days ago, but now took the plunge and arranged it so it could be apt-get install:ed.
To install and keep updated on this package, do following:
The reason I packaged it is so that I can develop wmgmail, a DockApp gmail notifier with it.
Update: python-libgmail package has now entered Debian/unstable, I
suggest using it. As of version 0.0.8-3 it has the patch that wmgmail relies
on. My repo still has local versions, but they're unlikely to be updated.
After seeing some places implementing humanized dates and ages (Gmail impressed me most :), I coded fluffydates -plugin for blosxom.
It's output is age of certain date or date's shorter/more readable form. It most often looks like this for dates: 0:02; Yesterday 9:44; Thursday 9:44; February 18; February 18, 2003. For age it would look something like this: 20 minutes; 9½ hours; 0¾ day; 1¼ days; 7½ months; 1¾ years.
It supports multilingual sites, a primary language can be chosen and other languages used via interpolate_fancy blosxom plugin. interpolate_fancy can also be used for accessing date translating functions to have more interesting effects.
Usage/installation is simple: drop it into your plugin folder, and place $fluffydate::story_date and/or $fluffydate::story_age in your story.html. For fancier accessing you'll need interpolate_fancy.
With interpolate_fancy, you can use four additional functions, human_storydate, human_storyage, short_date and date_to_age. Two former are almost same as those provided via variables, but these can be localized.
All four functions take two parameters, lang and short. lang tells which language to use (English and Finnish so far :) and short tells if shorter form of date should be used (Mon instead of Monday, etc.)
Example with interpolate_fancy:
...
<span class="writeback-date" title="$writeback::date">
<@humandate.short_date output="Yes" short="1">$writeback::date</@humandate.short_date>
</span>
Download fluffydate.
Updated 2004-10-18: fixed typo, fixed one close-shaved moment cutoff,
fixed handling with not found dates (again, typo).
Update: Available for download!
This one is a DockApp, intended for use
with WindowMaker or fluxbox -window managers. It has a
graphical configuration interface using GTK+.
Functionality includes:
Source distribution: wmgmail-0.5.0.tar.gz.
Debian users are welcome to use the repository I've set up at http://psavo.iki.fi/debian.
wmgmail has four dependencies. For absolute minimum utility you'll need python, pywmgeneral and libgmail. If you want graphical configuration and mail preview, you will also need reasonably recent (for GTK version 2) pygtk.
Non-debian:
wmgmail is written in python and uses libgmail for interfacing gmail, pygtk for dialog interfaces and pywmgeneral for dockapp business.
Great thanks to all respective authors.
I updated the amd76x_pm module for linux-2.6.0-test4, as there was some pci_dev brokage.
Tried to get it into 2.6 via Alan Cox, but he went studying, so now I try to use the Dave Jones route.
Download: amd76x_pm-2.6.0-test4.patch.bz2
Update: 2.6.9-rc1-mm5 changed a thing and patch didn't apply cleanly. This version below is fixed in that regard.
Download: amd76x_pm-2.6.9-rc1-mm5.bz2
I updated the amd76x_pm module to work with amd_k7_agp -module. It's now rediffed against linux-2.6.0-test9, but should apply to earlier kernels as well.
Update: applies and works at least up to 2.6.5-rc3 and 2.6.5-rc3-mm3 (both are newest at the moment of writing this).
Download: amd76x_pm-2.6.0-test9.patch.bz2
Update2: 2.6.9-rc1-mm5 changed a thing and patch didn't apply cleanly. This version below is fixed in that regard.
Download: amd76x_pm-2.6.9-rc1-mm5.bz2
Packaged pywmgeneral, a DockApp python library for Debian.
DockApps are small applications that sit on the edge of your screen and display semiseful information. DockApps are supported at least by WindowMaker, fluxbox and blackbox.
To install and keep updated on this package, do following:
Last item in list is actually my own project, a gmail notifier as a
DockApp. The're also some interesting applications on pywmgeneral upstream
site.
I was a bit surprized to learn that there is no timestamping tool for standard input in UNIX. So I wrote one.
It takes a parameter, which is in a format that 'strftime(3)' -function understands ('date --help' will show you a quick cheatsheet :). Then it takes all standard input (STDIN) and outputs those lines prepended with timestamp determined by parameter.
Example:
# default is "%H:%M:%S ", which outputs "HH:MM:SS" $ du -hcs linux-2.6.3/ mm41/ | timestamp 22:51:56 213M linux-2.6.3 22:52:00 82M mm41 22:52:00 295M total # some other timestamp format /usr$ du -hcs bin/ share/ include/ lib/ | timestamp "%x %X - " 03/07/04 22:54:34 - 219M bin 03/07/04 22:58:33 - 1.7G share 03/07/04 22:58:41 - 43M include 03/07/04 22:59:25 - 1.2G lib 03/07/04 22:59:25 - 3.1G total
Download timestamp-1.0.tar.bz2,
unpack (tar xvjf timestamp-1.0.tar.bz2) and 'make'. Place resulting binary
in path.
Got tired with missing all the comments coming into less obvious/fresh parts of this site and made a small plugin.
Here comes... *Fanfares* wbnotify. :) You need working writeback plugin from Rael Dornfest. (And, of course, you must be using blosxom blogging software, as this plugin plugin is for it only)
So, adjust the 'wbaddr' variable to the email address you want receive notifications into, and off you go.
Download wbnotify here:
wbnotify.
Couldn't get any sleep last night, so coded this up.
This gets (fast, written in C) various memory information, and outputs it in
mrtg -suitable way, so long-time observation is easy.
mrtg-info can display following information: total ram, free ram, total swap, free swap and memory used by buffers.
Sample mrtg -config is included.
Example image from my workstation (512MB, and buffer stats in
question): 
Download: mrtg-meminfo-1.0.tar.gz.
My weblog is my homepage is my weblog.| Ma | Ti | Ke | To | Pe | La | Su |
|---|---|---|---|---|---|---|
| 1 | 2 | 3 | 4 | 5 | 6 | |
| 7 | 8 | 9 | 10 | 11 | 12 | 13 |
| 14 | 15 | 16 | 17 | 18 | 19 | 20 |
| 21 | 22 | 23 | 24 | 25 | 26 | 27 |
| 28 | 29 | 30 | 31 |
| Kk | ||
|---|---|---|
| Tam | Hel | Maa |
| Huh | Tou | Kes |
| Hei | Elo | Syy |
| Lok | Mar | Jou |
