Tims Blog

Darknet queries have been added to the API to facilitate this data sharing stuff we do with sister sites. The IDMEF libraries are more or less done. It needs to be tested hardcore now though. There are still a couple classes that haven’t been written yet, but honestly, they handle fringe cases.

So today I was putting out a lot of fires. There are a couple pieces of software written by a certain someone which are in poor shape. Well, Ken found one of them and when I went to fix it, more stuff broke in the process; so it’s just permanently disabled for now pending a rewrite. When proxies make their appearance though, this software won’t be very necessary though, so it may just not get fixed.

I’m tired and am going home.

• top 10 free business apps for the iphone
• 6 essential iphone apps for managing your finances

I just had a grand ol idea for using Bro at work. It involves SMTP

• exceptional performance
• mail parse
• force a clean reboot when the system freezes
• propertyroom
• allpoliticalmatters
• tipd
• xbmc
• jmaps
• felt penguin
• chocolate truffles recipe
• calculate the sale price of an item on sale
• webmath
• gyminee
• ubuntu from your flash drive
• recordmydesktop
• live http headers
• header spy
• advanced character physics
• selenium ide tutorial
• xpather
• wealth ruler

I spent the last week in Austin Texas for Supercomputing 08. It’s the first time I’ve been to the conference and it was “ok”. The amount of high end computer hardware there was staggering. Networking hardware that trumps anything I’ve ever seen, and computing hardware that would blow your mind. I also had the privilege of seeing the NOC for the conference, and was offered a chance to work the compsec side of the NOC at next year’s conference in Portland.

Some good news I just noticed today is that my student loans are eligible for a 1% drop in their interest rates right before my next birthday. That’s pretty cool. I had totally forgotten about it until I went to go balance my ledger in Quicken and noticed the “benefit” on the loan website.

I tested the waters this last month in regard to my motorcycle loan and the direct principal payment address. You see apparently Honda has different addresses for standard monthly payments, and non-standard direct principal payments. They go to two different states also, odd.

Anyways, you need to call Honda’s customer reps to find this out. They give you the other address without question, but they point out that you need to add an “Attention so and so” to the address so that it goes to the right place.

Well, I don’t buy stamps (I’m thrifty, what can I say); I make my bank pay for the stamp. So I usually send payments electronically. Well, the bank has a database of customers that it will gladly send payments to “immediately” instead of the normal 5 days that it takes to send a physical check to them.

This second Honda address conveniently was listed in the customer database, but there was no way to add the “Attention” line, and I wasn’t about to send random sums of money to an payment dept that wasn’t going to directly apply it to principal.

So you can tweak the address lines of these customer lists at the bank until they meet your approval. So I moved the original address down a line and added the “Attn” line that I was told to add. I decided to send a feeler out to make sure it was applied correctly; 50 bucks, something I wouldn’t cry over if something went awry.

Sent the payment electronically and would you believe it, the payment went to the correct address, dept, and was applied directly to principal; cool!

So now that I’m sure that will work, I intend to more aggressively pay down the bike. It’s close anyway, so why bother holding onto the debt.

In the video game world, I’ve been let down yet again. Last Remnant received terrible reviews from IGN; I’m so dissappointed. I was so looking forward to that game, but like other Square games recently, I’m going to have to forgo buying it because it sounds dreadful. There are a couple of good (hopefully) titles that have come out recently that are still on my wishlist, but I’m going to hold off until after Christmas and keep an eye out for sales.

I’ve never fully read an RFC before, so I’ve always had this bias towards software or libraries that implement the RFCs. “Why don’t they just follow what’s laid out in the RFC”, “Code to the standard” and other uninformed remarks like that.

Well, this last week I’ve had to read an RFC to implement a code library for a project at work. It’s been a rather eye opening experience too.

First of all, from what I can tell, this RFC is not overly complicated. Compared to long RFCs like SMTP and just about anything email, this one is rather tame.

Second, RFCs can be extremely vague or extremely general at some points. This can be problematic when you’re trying to write code. Vague instructions make coding very difficult.

Third, alternatively, RFCs can be extremely specific. Say what? Well, they are usually long documents, and they need to be specific enough to express the idea they were written for. Specific instructions are very helpful when coding. They help to reduce problems of ambiguity and help tear down roadblocks. They make decisions easier as well.

This particular RFC, thankfully, was more specific than it was vague. It makes a strong attempt to speak in UML-ish language and terms. This makes things much easier on me since I can directly translate those terms and language to code.

The progress has been steady so far. There have been several points of confusion when doing the implementation since some of the terms I’ve come across are totally foreign to me (like what is IBM SNA? Everyone I work with knows what it is except me…but then again I’m rather young).

I expect it won’t take a terrible amount of time to finish.

Well how about that. CSTAPI has grown to reach 17 base classes; yikes! Incredibly, 3 more; nessquik, CNAS and FedModel, are slated to go into the API soon.

CSTAPI is one of the development projects at work that I am most proud of. Actually, I just wish it would get more use lab wide because it is just that cool.

CSTAPI is an XML-RPC API that we use to make new applications at work, or integrate existing applications together. It’s a culmination of all of the best practices that I have studied and experimented with. It also uses lots of fancy software that I have never had much need to use before.

Things like Oracle, memcached, KML, gnupg, web proxy stuff, and many homegrown apps that other groups have made. It ties together everything; is richly documented, and available to any language (with examples in CST’s two primary languages, PHP and Python).

It’s my first app that is near fully unit tested, although I can’t speak to the usefulness of unit tests yet; still not sold on that one. It’s structured in a way that I’m really satisfied with. It underwent a bit of refactoring to get it to this point, but now that it’s here, I find it extraordinarily easy to add functionality to it.

Since it’s a site specific solution though, there’s little reason to show it off. Many good lessons I’ve learned though have incorporated themselves into the current codebase for nessquik. So when the next version of nessquik is available, you’ll be able to get the gist of how CSTAPI is coded. Fun fun.

• convert wma to mp3
• merijn

I want to like jQuery, I really do. It’s terribly frustrating to get working right though. I think I need better reference material. The examples are good, but jQuery could really benefit from more fringe examples; using the methods with all their options.

I’d like to think that the JS framework wars are over as well, so that’s why jQuery has been of interest lately.

• jquery primer part 2
• how to make nfs and iptables play nice
• duplicate files searcher
• jquery how to add variable to array
• nginx
• remastersys
• 91 ways to become and even greater developer
• how to import and export a gpg key pair
• 5 best windows maintenance tools
• using selectors in jquery
• fdupes
• siege
• lucene index toolkit
• jsviz
• moowheel
• boxee