These three games present interesting logic puzzles:
I needed to see someone about my shoulder/neck injury. On the recommendation of a coworker, I went to see Dr. Jon Dickinson. He seems to be very nice, knowledgeable, and happily explains what he’s observing, rather than just writing a prescription.
Dickinson, Jon A, MD
California Pacific Ortho and Sports Med
3838 California St Rm 715
San Francisco, CA 94118
(415) 668-8010
I just took a fun test to determine how good I am at discriminating colors. Lower values are better. My results:
Your score: 8 Gender: Male Age range: 30-39 Best score for your gender and age range: 0 Highest score for your gender and age range: 1464
Neat! Take the test here.
We needed to modify the resources of an installer and then apply an Authenticode signature. Unfortunately, it already had a signature on it, and modifying the resources of an executable with a signature results in a corrupted signature. The Microsoft signing tools cannot recover from this situation, so:
It is not possible to re-sign a file after modifying its resources.
However, it is possible to remove the existing signature, modify the binary, and then apply a new signature. There are two approaches (which almost certainly amount to the same thing):
Your Certificate Authority will supply one of the following:
For the second and third case, these file must be converted to a Personal Information Exchange (.pfx), using the Pvk2Pfx.exe tool.
Syntax for .spc conversion:
pvk2pfx -pvk filename.pvk -pi password -spc filename.spc -pfx output.pfx
The syntax is identical for .cer conversion:
pvk2pfx -pvk filename.pvk -pi password -spc filename.cer -pfx output.pfx
Signtool.exe can be used to sign executables (.exe) and Dynamic Link Libraries (.DLL).
signtool.exe sign /v /f filename.pvk /p password executable
signtool.exe sign /v /f filename.pvk /p password /t timeurl executable
Where timeurl is the URL of your Certificate Authority’s timestamp server (e.g. http://timestamp.verisign.com/scripts/timestamp.dll for VeriSign)
signtool verify /pa executable
/pa indicates that the “Default Authenticode” verification policy is used. Omitting the switch will cause the verification to fail, which does not necessarily mean that a given file isn’t Authenticode signed.
While investigating Authenticode, I become curious about the Portable Executable format. This is the file format used by all Windows executables.
Here is a good overview in the context of .Net. And here is the referenced image which is missing from that post (originally http://jfmasmtuts.blowsearch.ws/Ch2/peheader2.jpg):
This missing image turns out to be part of a fantastic overview of the PE architecture. While the original article appears to be long gone, it lives on in an archive (and as a PDF in my own archive).
Here is a significantly more dry introduction, from MSDN.
With CAPICOM deprecated, MSDN suggests using the mssign32.dll functions. There are two fundamental problems with this:
Well, at least I can do something about #2. Here is a minimal version of a header file for mssign32.dll. It includes direct function declarations, as well as function pointer typedefs.
The function pointers can be used with LoadLibrary/GetProcAddress to dynamically call the functions, as in:
SignerSignPtr pSignerSign =
(SignerSignPtr)GetProcAddress(hModule, "SignerSign");
The MSDN website sucks. It loads extremely slowly, and is visually cluttered.
It turns out that MSDN has a low-bandwidth (“loband”) option. This will cause MSDN to render using much simpler HTML, which loads much more quickly and has a very clean appearance. To use this feature, tack “(loband)” at the end of the URL, before the .aspx suffix.
For example, here are the MSDN pages for SendMessage:
Note that you can make this the default rendering method by clicking on “Persist low bandwidth view” at the top of the page:
(source)
The Bert P. Krages website has a handy, downloadable PDF version of the “The Photographer’s Right”.
If you object to the recent harassment of photographers in public places, I suggest that you download this, print it out, and carry it in your camera bag.
Craigslist is one of the greatest sites in the world, and the entire Bay Area seems to revolve around it. Sadly, Craigslist’s search facility is extremely bad, seemingly only capable of searching within a price range and neighborhood. Craigslist supplies RSS feeds, but this still means I have to sift through a lot of information in order to find what I’m looking for.
Yahoo Pipes provides a way to filter and manipulate RSS feeds. It’s very visual, and relatively easy to use. This would be an excellent tool to prune down my Craigslist RSS feeds.
Unfortunately, as of some time in the recent past, Craigslist has begun blocking Yahoo Pipes. Perhaps someone wrote an overly-popular pipe which caused a tremendous load on Craigslist’s servers, or perhaps Craigslist thinks they’ll somehow lose income by allowing Pipes. Either way, it sucks.
The work-around which I’ve employed is to mirror the base Craigslist search on my own server, then feed the Yahoo Pipe from that.
This requires you to have a server which:
First, create an appropriate directory structure. For example:
mkdir ~/public_html/feeds
Next, test out curl or a similar content-fetching application on a Craigslist RSS feed URL. Don’t forget that quotes are usually needed around the URL:
curl "http://feedUrl" --output ~/public_html/feeds/yourFile.xml
Examine the content of the file and make sure that it’s the expected XML. If the file is very small, and contains text to the effect of, “this URL has moved”, then you may have forgotten to surround the URL with double quotes.
To fetch this mirrored RSS feed, use the “Fetch Data” source and provide it the URL to your freshly-fetched file.
If the pipe can’t be read, verify the permissions for the containing folder hierarchy on your server. For *nix boxes, make sure the execute bit is set (chmod a+x ~/feeds).
Create a script file which will retrieve any and all feeds you wish to mirror. I place my scripts in ~/bin, so I placed the following into ~/bin/fetch-feeds:
#!/bin/bash rm ~/public_html/feeds/yourFile.xml curl "http://feedUrl" --output ~/public_html/feeds/yourFile.xml
Note that I delete the existing feed mirror before fetching the new one so that any retrieval error will be obvious.
Now, call this script from inside your crontab (Scheduled Tasks on Windows servers):
crontab -e
I update my mirror at 7am and 2pm with the following:
# Fetch Craigslist feeds at 7am and 2pm: 0 7,14 * * * ~/bin/fetch_feeds
