Computing | Ady's Blog

Nikon Capture NX on Linux

I am feeling a little bit slow today, because my notebook is slow. LOL. I think this relates directly to the fact that everyday at work I am using a new Lenovo T60 notebook which is much faster than my 2 years old personal notebook. I used to dual-boot the notebook with Debian where the speed is acceptable but since I acquired a DSLR it is a hassle to switch OS. And I am not supposed to install non-approved software on the company computers.

My main issue not to run 100% Linux is that most of the graphics editor will not run properly, and most of the time fail to run on Wine. One of the software I use a lot is Adobe Photoshop. A couple of month ago I tried running CS2 on Wine and it didn’t work. I gave up on that. Recently, CS3 was released but I didn’t bother to try at all to avoid any disappointment.

Since I take all of my photos as RAW, or to be more precise in NEF (Nikon Electronic Format) I need either Photoshop or Nikon software to process the pictures I took. I’ve tried using dcraw and other open sourced RAW programs but the results just ain’t the same. Too bad. Or perhaps I am the one being not an expert in using those tools because some people do get better output. Quote from dcraw: “when used skillfully, produces better quality output than the tools provided by the camera vendor“.

Anyone have ever tried running CS3 or Nikon Capture on Linux (and succeeded)?

Surf The Internet Faster with OpenDNS

So you want to surf the Internet faster? Ever heard of OpenDNS? I have been using OpenDNS for a week now to test its performance. So far it has not let me down, and the name resolving rate is satisfactory.

What is DNS?

DNS stands for Domain Name System. As you might already seen before, the Internet is made up of numbers called IP numbers that looks like XXX.XXX.XXX.XXX. The responsibility of DNS is to resolve the domain names you insert into the address bar into these numbers so that your computer can connect to the server hosting the contents you are looking for.

Every ISP has their own DNS to serve their customers. For example TMNET in Malaysia has two most common DNS servers: 202.188.0.133 and 202.188.1.5. These IP numbers are sent to your PC or your modem-router when you connect to the Internet. It works the same for any other ISP on the face of the world.

DNS eliminates the need for you to remember IP numbers which can be very long, especially when IPv6 is just around the corner.

DNS by Example

To arrive at this page, your address bar will contain https://blog.adyromantika.com/…. At this moment your PC will query the default DNS server and looks for the IP. The DNS server, looks at it cache and sees whether it already knows the IP and if found it will send the IP to your PC immediately. If not, the DNS server will ask the authoritative DNS server for the domain where in this case it will be NS5.SECURESERVER.NET and NS6.SECURESERVER.NET, then returns the number 68.178.254.5 to you. This is where this site is hosted.

What is OpenDNS?

OpenDNS is a free service, where millions of users around the globe requests names to be resolved. Be aware, however that your ISP might block DNS queries from individual PCs to any other DNS servers than their own. It is dumb but some of the ISP do it.

Can OpenDNS Speed Up My Internet Connection?

It can’t. The only thing that OpenDNS will speed up is the initial connection when your PC is trying to resolve numbers from any given domain names. What happen is that since OpenDNS is used by many and it have a huge cache, queries made are returned immediately so your PC does not have to wait. Also it helps if your ISP DNS is slow. Using OpenDNS speeds up the initial query so you’ll notice a difference in loading time.

How to Set Up OpenDNS on a PC?

You can see what DNS servers your machine is using by going to Control Panel > Network Connections > Select your default connection > Select the support tab > Click on button Details…. You should see the DNS Server.

To change it to use OpenDNS, Control Panel > Network Connections > Select your default connection > Click the Properties button > In the list select Internet Protocol (TCP/IP) > Click the Properties button > Select Use the following DNS server addresses > Enter the DNS server addresses 208.67.222.222 and 208.67.220.220

Please be aware however that you need administrative privilege to make these changes, and the firewall at your location allows queries to external DNS servers. If in doubt you may ask your system administrator, or better still if they have a local DNS server set up ask them to use OpenDNS as the master DNS servers.

Other Interesting Facts

OpenDNS has a database of bad sites consisting of phishing sites (by default) and adult sites (free registration required). If your PC is set up to use OpenDNS all of these can be blocked without any effort at your end. All that is needed is for you to be sure no one but you can bypass the settings and use other DNS servers. For example I set up my router to use OpenDNS in its local DNS server, and blocks any other DNS queries to the Internet. This way I am sure that my local network is safe from any malicious contents. This is an advanced (and technical) topic so I am not going to write it in here unless there’s any request.

OpenDNS does have instructions on how to use OpenDNS for many devices here. However you need to be smarter than your users to totally block other DNS queries except to OpenDNS servers.

Conclusion

OpenDNS is a good effort to provide quality DNS services to the masses. In the beginning of this article I mentioned that it has provided me good speed, not great mainly because the servers are located in the US and one in UK. International speed from TMNET is generally unpredictable so until OpenDNS setup a server in Asia, we get good speed, not great 😉

Here are the current servers:

New York, New York, USA
Palo Alto, California, USA
Seattle, Washington, USA
Washington, DC, USA
London, England, UK

Give it a try and let me know what you think.

PHP 4 End Of Life

PHP 4 will finally reached its end of life on December 31, 2007. However critical security fixes will be made available until August 8, 2008.

This is a good time to revise your codes, to see whether they will run without any glitches in PHP 5. That first, then when doing any code upgrades or improvements do consider PHP 5 features and functions for your code. This page lists all changes that are not backward compatible in PHP 5.

As you can see, your code styling and implementation greatly effects the outcome of your code. For example the function array_merge in PHP 4 is loose and accepts any variable to be merged into an array, but in PHP 5 if the supplied variable is not an array PHP will throw you a warning (E_WARNING). It is strict. If you have always made sure that your code is strict, that is to always provide an array to be merged, then you can sit back and relax.

That is one example of a changed function, and there are some additions to the available functions as well. Be very careful to observe the changes to object handling in PHP 5.

If you are managing a server, do consider installing PHP 5 as a side, and test your existing systems thoroughly. If you use managed hosting, consider pushing your server provider to install PHP 5 for the same reason. Also make sure that if your provider wants to totally migrate to PHP 5 you are well informed. However, from my tests most of the systems that were developed in the PHP 4 era can still function well in PHP 5… but it is better to be safe than sorry.

New Portable Apps

Hey hey hey, PortableApps.com have released a bunch of brand new applications such as winMd5Sum Portable 1.0.1.55, On-Screen Keyboard Portable 1.0, Notepad++ Portable 4.1.2, Virtual Magnifying Glass Portable 3.3, and some portable games for your pleasure.

New Portable Apps

Go ahead to http://portableapps.com/apps for your dose of portable apps.

System Administrator Appreciation Day

It’s that time of the year again. The last Friday of July is the System Administrator Appreciation Day. You have plenty of time to plan them a party, or buy them gifts before the day arrives. But please, no mugs!

You can see some suggestions for gifts here.

Go ahead, consider it. You can seriously make them happy and in turn they can make you happy all year round. They can do all sort of nasty things, although they usually don’t do it. They can read your emails and tell the whole world about it. They can also make your life easier if they like you!

I am currently not a System Administrator for an office infrastructure, but for an integration system. So unless the collection of servers and systems can throw me a party or buy me gifts, looks like nothing for me this year 🙂

Clipperz: Online Password Manager

In my previous post about passwords, I wrote about why you should not use shared passwords. One thing after another, in the comments section password storage became a topic and I suggested KeePass and at all cost avoid online password managers. I had a reason in mind, and you have guessed it right – security.

While it is possible to have a secure online password manager, it is not possible to see any source code for such system if it is implemented using server-side programming (processing done on server, e.g. PHP). Why see the source code? Well, that is the base of all security system – so that people who knows how to read the source code to figure out what a particular piece of software does, and if it is really secure and contains no malicious code.

As a matter of fact, someone just told me that I should include the source code of the Portable Pidgin I packaged so that he can be sure that I didn’t put anything malicious in there. I did, and the source has always been there since the very beginning.

Back to online password storage, one of the guys at Clipperz contacted me and asked me to look closely at the system and to analyze the source code of the JavaScript. And I did just that. I am not going into detail on what features Clipperz have, as you can always read it on their site. I am going to focus on the security side, while trying to stay as not technical as possible.

Please click on Continue Reading if you are interested to read the rest of the article.

Continue reading Clipperz: Online Password Manager

World of Microprocessors

I have been terribly busy lately and my energy seems to be drained out completely once I reach home. It’s time to write something.

For no apparent reason I was browsing the Internet when my eyes caught on the words Intel and Penryn. I was curious. Really curious so I Googled the words.

The results of my search was a bit surprising. Not long after Intel® introduced Core™2 processors (a year plus ago), based on 65 nanometer process, Intel is planning to release Penryn in the second half of 2007. Penryn is the next generation Intel® Core™2 family processors which is built using 45 nanometer transistors.

After Penryn, in 2008 Intel is planning to release Nehalem which will have a brand new micro architecture and after that, they will go for 30 nanometer transistors.

Penryn basically introduces SSE4 (with 47 new SSE instructions) and should run faster than the current processors clocked at the same speed. It is much smaller so that a silicon wafer can produce more chips which in turn translates to lower cost and better profit for Intel. I wish I have some share in that company. Penryn also supports 6MB of L2 cache per two core, meaning that the quad-core version can have up to 12MB L2 cache. Everything is built with 410 million transistors. Amazing.

The race for smaller transistors have long begun, and Intel has been succeeding as a leader compared to the rival – AMD®. While Intel introduced the 65 nanometer processor in late 2005, AMD was only able to release the same technology roughly a year after. To outrun Intel, AMD has vowed to try to release its 45 nanometer processors within 18 months after the release of its 65 nanometer processor, and that roughly translates to mid 2008. It looks like Intel is not allowing that to happen.

As a long time Intel user, I am of course biased towards Intel. But I still remember my 80386DX was made by AMD 😉

What is happening is indeed a proof of Moore’s_law being valid. It states that the number of transistors on an integrated circuit for minimum component cost doubles every 24 months. Mr Moore is still alive and kicking and he was the co-founder of Intel.

If you’re a college student, avoid doing a project to research about all processors that were ever made unless you are really into it. When I was in college I was so into microprocessors and that is what I did. However back then it was still possible as the latest processor available were Pentium II. Nowadays, I am all confused with so many code names and numerical conventions. The latest processor that I have in my household is a Celeron D, while my torrent box is running on a 9 year old Pentium III 600MHz.

45nm Hi-k Next Generation Intel® Core™ Microarchitecture
A review at AnandTech

How current is your PC?

Yahoo! Mail Now Unlimited

Yeah, you heard it right. Yahoo! has finally disabled the storage limitation for all users!

As a long time Yahoo! Mail Plus user with 2GB max storage I was surprised to see that my limit has been decreased to 1GB and only 35% of my email exists where it was at 50% level before. Of course, I did not notice the fuse on the storage meter:

Yahoo! Mail

Logging into my other Yahoo! Mail account (free), I can see that the storage limit is still there. Perhaps Yahoo! is implementing this phase by phase. You can read more about it officially from Yahoo!. Quote:

“users that follow normal email practices and comply with our anti-abuse limits can consume an unlimited amount of free email storage. This will apply to both new and existing users.”

Have the storage size limitation been lifted from your account?

Pidgin 2.0.1 Released

Have you heard? Pidgin 2.0.1 has just been released two hours ago (as of the time of writing – 25 May 2007 20:10 GMT). This release fixed various bugs, where 112 tickets were closed. Go here to see the Milestone page and here to download Pidgin.

However my most waited enhancement is not in this release. Maybe some day.

~~I shall be building and testing my version of Pidgin Portable soon.~~

I have updated my version of Pidgin Portable to use Pidgin 2.0.1 🙂

4.0Mbps Streamyx?

I was browsing through some blogs when I found myself on this particular post in doBot’s blog. Here’s the official announcement.

Familiar Malaysian forums have been discussing this for a while, and as usual I’m left behind again. Some of them mentioned that the 4Mbps is nothing if TMNet still decides to limit/throttle traffic especially for P2P users. I’m actually neutral in this P2P throttling issue, even though I am a heavy bittorrent user. Why? Well actually the number of broadband users in Malaysia is not that high, and most concentrated only among savvy Internet users. If most of these users are using P2P daily and TMNet does no policing act on it, the whole Streamyx infrastructure will most probably overload. This, is not deniable due to the incompetency of TMNet but IMHO every company deserves a chance to improve themselves, provided that they are trying to improve.

As I read everywhere in the media, TMNet is heading a committee for the second submarine link (I don’t remember the project name). That is indeed very good if it can provide us a secondary pipe and a fail-over mechanism. I have no idea but I am really hoping that this will widen our International link in a massive scale.

On the introduction of the 4Mbps link, I think it is to soon if no International link upgrade has been done. If anyone from TMNet can enlighten me that would be great, as I have no idea of what is going on in there that they actually decided to offer the 4Mbps package.

The price of RM268 is indeed quite high, but it is very reasonable IF AND ONLY IF there would be a huge improvement to speed and reliability. I know users in some other countries pay a lot more for broadband, and of course some pay less. It’s really just business and you can’t really do much about it. I’d pay RM268 if the service is good and reliable, with superb customer support. I guess I’ll just wait and see before running to the nearest TM Point.

If you want to be the first to test this service, go quick as they are offering RM198 before 17 June 2007. I need your feedback on the service before deciding. Oh yes, check the availability/coverage in your area first before even thinking about it. And of course, you have to be with 3km or less from the exchange 😉

I wonder how they would consider/calculate a package upgrade?

What do you think… would you go for this package?

What Are .ISO Images

Have you ever downloaded a file with the extension .iso and have no idea what to do with it? It has been not once, not twice, but at least 6 times I have provided a .iso file to a friend / family member and the .iso file ended up to be a single file on the CD/DVD. I know there are many computer users out there who still have no clue about .iso images.

ISO Image

Newer CD/DVD burning applications usually will associate .iso files so that when you click on such file the software will launch and open the CD/DVD burning wizard. However, most often than not I see the files having ‘unknown’ icons and not associated with anything.

A normal user will encounter .iso files much less often than geeks like me. But there are circumstances where .iso files are needed. One good example is when I was asked for a MS-DOS boot disk for a laptop without any floppy drive. So I just took a bootable .iso image I created a while ago and send it via e-mail (the size is not that big, just about the size of a floppy).

So the .iso file usually ended up in a CD/DVD rather than the files in it.

Simply put, an .iso file is an image, sort of an archive to house many files in it. It is an exact image of a CD/DVD file system. I know some gamers who use illegal games have utilities like Virtual DAEMON Manager to mount .iso images and fool the game that there’s a CD/DVD inside the drive.

Tools like IsoBuster can also help Windows users to see (and extract) the files contained in .iso images.

So next time when you receive an .iso image don’t burn it using the normal burning wizard. For Nero, use the Recorder > Burn Image menu:

Using Nero to burn .iso image

For more geeky technical reading on mounting .iso images on Linux, click on Continue Reading…

Continue reading What Are .ISO Images

New Metrics & Ranking System

I was alerted by Firefox earlier today to update one of the plugins I use: SearchStatus. It is a plugin which displays Google PageRank, Alexa Rank, and the latest update includes Compete Rank.

SearchStatus plugin with Compete Rank

It turns out Compete has been around for quite a while now. I am surprised why I never heard of them. According to the about page, the service has been created in 2000.

Five main areas provided by Compete are:

Compete SnapShot™
Compete Search™
Compete Toolbar™
MyCompete™
Compete Blog™

The technology looks promising, and I am going to register to use MyCompete. Why don’t give it a try?

This is definitely NOT a sponsored post!

Yahoo! Mail Unlimited Storage

Logging into my Yahoo! Mail today, I was surprised with a message “The storage meter is going bye-bye”.

Yahoo! Mail with unlimited storage

Yahoo! is still in the game of free emails. I am a Yahoo! Mail Plus user so I have access to POP and SMTP but I do welcome this upgrade!

After all, if free users get unlimited storage, what do paid users get? 😉

Yahoo! Mail Storage Bar

My Version of Pidgin Portable

Latest Update click here.
I am a curious programmer, and was all the way wondering on how apps on PortableApps were made. Since Pidgin, the replacement for Gaim was released I was waiting for a while for Portable Apps but I guess they must be busy with the number off apps they have to handle.

So I went and analyze the Gaim Portable sources, read some info on Pidgin official site, downloaded NSIS and I managed to make it work! I was planning just to use it personally but as always I feel like sharing it.

You can download it here:

~~PidginPortable.zip md5sum: f4ea8c532f43166b7ef61ee915c1218e~~

Pidgin Portable in the Launcher

~~And if you want spell checking support, extract this to PidginPortable\App\aspell~~

~~aspell.zip md5sum: 19a0d7cf3a384e17b642825220121462~~

They are zip archives since I have not learned about the install files from Portable Apps yet.

The Pidgin files were copied from my local installation, by guidance from the Pidgin FAQ: Running Windows Pidgin From a USB Drive.

The installed size is around 8.48MB. Like Gaim Portable, I’ve utilized UPX to compress the EXE and DLL files.

Modifications were done mainly to the NSIS script, to use new Pidgin variables and names. Many references to the original site http://PortableApps.com/GaimPortable were not changed, even in the quick splash image I made. In addition I just added my name in the source and version 🙂

There maybe some problems that I have not encountered, so you might want to use the official release from Portable Apps once it is released. They are the experts.

10 May 2007: Updated with GTK Theme Selector:

~~PidginPortable.zip md5sum: dabbfc11b03512e01d79fda935be8bb1~~ Updated below

Pidgin Portable and Theme Selector

*The GTK Theme Selector will override the settings by the Pidgin GTK Theme Control if used. If you don’t need the selector, simply delete the executable and it will disappear from the menu. The overwriting problem exists as I have to ask the Theme Selector to copy its settings written in settings/.purple/.gtkrc-2.0 to what Pidgin looks for: settings/.purple/gtkrc-2.0 (notice the dot before the filename).

I still can’t figure out how to enable aspell support so as you can see I have disabled the aspell download.

Continue reading My Version of Pidgin Portable

Why You Should Not Use Shared Passwords

You have probably heard this many times, your friend or someone told you that you should not use the same password for all of your website memberships. Perhaps they never told you why. I have seen people taking this for granted many times, using the same password even for online banking accounts! So I am going to let you know from a technical point of view, while being as simple as possible with my choice of words.

My points here directly relates to good database design, but as users you don’t have any choice and you are not even aware of what is happening at the server. Now let’s examine two scenario of how passwords can be stored in the database. For simplicity I only have 2 fields; username and password.

1. Bad Password Storage

Username	Password
john	j0hN78h#k-
jane	j4n9K^jsla69

2. Good Password Storage

Username	Password
john	f03d03e0335dad4713cd5122eebb0738
jane	5844a15e76563fedd11840fd6f40ea7b

What are those?

The tables that looks like Microsoft® Excel worksheets above are indeed database tables. Database administrators can easily see the data in this format using any tool they have.

Why is one bad and the other not?

I mentioned that a database administrator can easily see the tables. For the bad example, he/she can simply see your password even though as you can see they are quite good passwords (containing lowercase, uppercase, numbers, symbols). For the good example, the password is stored using a one way hashing algorithm – the password is stored as something else.

Are all database administrators evil?

No they are not. But what if the database gets cracked? A malicious cracker can immediately see your password if the first example is used. It is fine if it is just a instant messenger account, or something not important but I have heard people losing money! Not because banks practices bad password storage, but because users use the same password elsewhere!

How to detect if a site is using bad password storage

Simple. If you try and use the Forgot password link, they send you your actual password. This means that they can read your password from the database. Good sites always reset the password to something else either directly via email or asking you to use a form. No, they will not tell you how they store the passwords, silly.

If the system can’t read my password how do I log on?

I mentioned a conversion process earlier called one-way hashing. Using the good storage practice, the database stores gibberish that can be reproduced only by your correct password. When you first set your password, it converts the text into the hash:

“j0hN78h#k-” => f03d03e0335dad4713cd5122eebb0738

From the storage examples, the exact, same hash can only be generated by the string “j0hN78h#k-” that only john knows. It is not stored in the database. When john tries to log in, the system will reproduce the hash f03d03e0335dad4713cd5122eebb0738 from what john entered. Even if he misses one characted, e.g. “j0hN78h#k” the hash becomes a98d3bfa2f9d11fb0bfcc6e6f7ae8b73. When the system compares this with what is stored in the database, it would not match and john receives an error!

Why do I write this?

I signed on to a service yesterday and my 32 character password got truncated so I had to use the Forgot Password function. The system sent me my actual truncated password and I immediately feel glad I didn’t recycle any of my current passwords! The moral from this article is that don’t share passwords between systems. If one site is cracked, you risk of compromising the others. I rather be using many different passwords than going through hundreds of sites changing my password if a site is compromised!

The email I received yesterday from a site that (still) practices bad password storage:

Hi Ady Romantika,

Thank you for forgot password request.
Your details are as below:
User Name: ady[at]romantika[dot]name
Password: xxxxxxxxxxxxxxx

Click Here to for Login into XXXXXXXX.

It is not 100% safe as well, if you use simple passwords based on dictionary words as malicious users can deploy the try and error technique, or even use a software to crack your password. Believe me, there are many software available that can do that today!

I hope this has been useful for everyone. Remember, practice safe computing.