tag:pablohoffman.com,2013:/posts Pablo Hoffman 2017-02-22T21:45:58Z tag:pablohoffman.com,2013:Post/605235 2013-09-30T00:48:35Z 2016-03-15T22:34:16Z Schedule for Breaking Bad series finale

Here's my (planned) schedule for the Breaking Bad series finale (all times in UYT)

  • 21:50
    • Write this post
  • 21:55
    • Turn off Twitter and any potential source of spoilers
  • 22:00
    • S05E16 starts airing on AMC (9pm east)
  • 23:15 (Monday)
    •  S05E16 ends on AMC
  • 23:30
    • Go to Pirate Bay, search for "breaking bad s05e16", start downloading
  • 00:00-00:30 (Monday)
    • Torrent finishes, start watching
  • 1:30
    • Finish watching, maybe browse a few discussions online, regret BrBa ended, go to bed.
I hope the next show I get hooked on gets streamed properly (everywhere, simultaneously, no ads, flat fee). I'm more than happy to pay a reasonable price!
]]>
tag:pablohoffman.com,2013:Post/573150 2010-06-28T14:28:00Z 2013-10-08T17:24:08Z Hi Posterous!

Well, I just finished moving my personal blog (previously hosted at vampiroz.org) here to Posterous. It took me a while as I had to write a (Python) script for migrating all comments and images using Posterous API. Posterous has a Wordpress importer but it doesn't import comments yet, and image support is somewhat limited. Also I had to make some formatting rearrangements to make the post texts look nice.

But it's finally done. Geez, I can't believe I won't have to maintain my own Wordpress anymore, I'm so happy :)

]]>
tag:pablohoffman.com,2013:Post/573155 2009-09-13T12:01:50Z 2013-10-08T17:24:08Z What Makes Open Source Tick

In a recent article on his blog, about the nature of open source software, Ian Bickling does a good job on explaining some of the main reasons why Scrapy exists today.

To quote a few:

Underneath most open source work there is a passion for the craft itself. This is what leads to a certain kind of quality that is not the norm in closed source software. It’s not necessarily less bugs or more features, but a pride in the expression itself. A sense of aesthetic that applies to even the individual lines of software, not just to the functionality produced. This kind of aesthetic defies scheduling and relies on personal motivation. As open source programmers we are not first concerned with how a task fits into institutions, how a task can be directed by a hierarchy or an authority, or even how the task can be directed by economics. The tasks that we take on are motivated by aesthetic, by personal excitement and drive.
But I want to get back to individuals. How things are created is not that someone determines a set of priorities, lays them out, then people work on implementation based on those priorities. That of course is how things typically work at a company, as an employee. But open source software and open source projects are created because an individual looks at the world and sees an opportunity to create something they think should exist.

The main point of the article is that licenses are becoming more and more irrelevant in the definition of open source, which is something I've been saying [spanish post] for a while now. The GPL was useful at some point, when the world didn't yet understand the benefits of open source, and to fight a cancer called "lawyers". But I hope some day it will be remembered as a tool which was very useful once, but that is no longer needed.

Otherwise, why do you think Facebook has released most of the software that powers his platform as open source?. Did you think someone threatened them with GPL lawsuits?. Or why Microsoft has recently launched its own open source foundation?. I guess it's a bit of "if you can't beat them, join them" for Microsoft, but Microsoft has long since become a very boring company. The Facebook example is much more interesting and illustrative.

]]>
tag:pablohoffman.com,2013:Post/573159 2009-09-01T09:48:15Z 2013-10-08T17:24:08Z Geolocation Not Always Good For Cdns

I just started downloading Opera 10 for Linux with my 1.2 Mbps connection at a ridiculous rate of 5 kbytes/sec

Why?

Because most CDNs use only the geographical distance from the client, to pick the best mirror for downloading.

In my country, Uruguay, this typically leads to picking a mirror from Brazil which is far from optimal, because:

  1. Brazilian servers are slow (compared to US ones)
  2. traffic from Bazil travels to US and back. This is more ridiculous than the CDNs policies, but it's what we have.

I wonder if CDNs could be made more intelligent though, using traceroute information, for instance. Perhaps the largest ones (such as Akismet) already have some better algorithm in place. And I'm sure Google already has this sorted out :)

So... I just cancelled the download and manually used a US server, even though the guys at Opera managed to make that specially hard to do :)

]]>
tag:pablohoffman.com,2013:Post/573162 2009-07-25T11:31:06Z 2013-10-08T17:24:08Z Its The Conventions Stupid

Every now and then, I stumble upon some article that amazes me because it portraits certain things that I always believed to be true, but never saw them explained so eloquently.

Such is the case of most essays from Paul Graham but, today, it's also the case of this last post from James Bennett on the programming concept called "magic". I vehemently agree with all he says. And, for me, it boils down to this:

There is no such thing as magic in computer programming - It's the conventions, stupid.

Of course, this is a subject too deep to resume in just one sentence, so I recommend you to read that article.

]]>
tag:pablohoffman.com,2013:Post/573167 2009-07-11T22:57:13Z 2013-10-08T17:24:08Z Fernando Vilar Y La Decadencia De La Television

Hoy me topé con la audio-grabación de una charla de Fernando Vilar, el actual conductor de Telenoche 4, en el 4º Encuentro de Jóvenes Comunicadores realizado recientemente en la ciudad de Trinidad, Flores.

En ella, Vilar dice mucho del estado actual de la televisión y los informativos. Y no es un problema solamente de Uruguay, sino de todas partes del mundo, encabezado por la CNN, que es la estrella del mercado.

El manejo de los medios masivos es un tema que siempre me interesó mucho (por la polémica que genera) y que dos por tres saco a discusión en conversaciones casuales. Aquí les dejo el audio de la charla de 18 minutos, en formato MP3. Les recomiendo que la escuchen, no tiene desperdicio.

De entrada, uno puede sentirse tentado a criticar a Vilar por su falta de principios, pero no deja de tener razón en eso de que el cambio debe empezar por la gente, no por los informativos. En otras palabras, y para usar los mismos términos de la misma charla, la gente ve mierda porque le gusta la mierda. En mi opinión, una gran verdad, pero no es que sea nada nuevo. Sin embargo, también es cierto que la gente que crece mirando mierda, es más propensa a gustarle la mierda de grande, lo cual termina convirtiéndose en un caso del huevo y la gallina.

Afortunadamente ahora existe una alternativa, y se llama "Internet". Con Internet, cada persona puede seguir las noticias que le interesan y no está obligada a ver la "mierda" que pasa la televisión solo porque a la mayoría de la gente (mediocre) la gusta. Hoy, como nunca antes, la decisión esta en cada uno y no en los que controlan los medios.

Asi que... ¡basta que quejarse che!. Si no quieren ver más "mierda", apaguen el televisor y prendan la computadora.

PS. Me pregunto que tan simpáticos les habrán caído los comentarios de Vilar a los dueños de Canal 4, sobretodo ese donde afirma que no se encuentra trabajando a gusto en Telenoche, y que lo hace solo por la plata :)

]]>
tag:pablohoffman.com,2013:Post/573169 2009-05-23T11:51:21Z 2013-10-08T17:24:09Z Slow Blogging Times

Is it just me or the blogosphere is a bit down these days?. And I don't speak only for myself here :).

Maybe everyone is just too busy, maybe it's the blogs I follow, or maybe people are moving to Twitter or Facebook (neither of which I follow). But my Google Reader certainly isn't as active as it used to be a couple of months ago.

It's not that I haven't got anything to read though, as Hacker News have always managed to fulfil my news-reading appetite since I started following it 6 months ago, and I'm grateful for that.

]]>
tag:pablohoffman.com,2013:Post/573174 2008-11-05T13:41:59Z 2013-10-08T17:24:09Z Proposicion 8

Hoy me doy cuenta que Arthur Clarke tenía razón cuando dijo que el ser humano, como raza inteligente, aún está en su infancia al ver que la proposición 8 (de prohibir el matrimonio entre personas del mismo sexo) fue aprobada en el estado de California. Más detalles sobre la noticia aquí (en inglés).

A mi en particular me parece un tema tan obvio que hasta me resulta estúpido discutir sobre él. Más discutible en todo casi sería el concepto del matrimonio en sí, que el del matrimonio gay. Pero bueno, se ve que hay gente que no lo ve asi.

Si alguien está en duda, creo que este excelente video de 8 minutos (en inglés) del profesor Lawrence Lessig (el mismo creador de las licencias Creative Commons, bajo las cuales se rige el contenido de este blog) trata el tema de forma muy inteligente y objetiva.

Nada más, solo resta esperar que la humanidad siga su curso y evolucione...

]]>
tag:pablohoffman.com,2013:Post/573179 2008-09-12T23:37:45Z 2013-10-08T17:24:09Z Perlitas De Scraping

Hace unos días un amigo me mandó un link a este artículo del New York Times que habla de un reciente "blooper" de la bolsa a causa de un error en el algoritmo de scraping de Google News que hizo caer el valor de United Airlines unos mil millones de dólares.

La típica expresión en estos casos es: "Whooops!" :)

Y es que hay que tener cuidado con lo que se escrapea. El problema con Google News es su propia escalabilidad, ya que en definitiva no es más que el buscador de Google ligeramente modificado estéticamente y funcionalmente (en cuanto al algoritmo de crawling y scraping) y restringido a ciertos sitios. Algo muy similar a lo que es el Google Blog Search para los blogs. La gran diferencia es que, tanto para el buscador principal como para el Blog Search, este tipo de "bloopers" pasan desapercibidos. Quién no ha visto alguna página totalmente irrelevante colarse en los resultados de búsqueda de Google?. Pasa todo el tiempo, y nadie pierde mil millones por eso :).

Pero con Google News es diferente, porque la calidad importa mucho más, y ésta se ha venido sacrificando a costa de la escalabilidad.

Por eso Froogle (ahora Google Product Search) nunca progresó mucho como servicio, ya que los sitios de "Shopping Aggregation" tienen los mismos requisitos de calidad, y Google se enfoca en escalabilidad, que es lo mejor sabe hacer.

Pero bueno, Google es asi. Tiene muchos proyectos, algunos germinan, otros se secan, y otros quedan es un estado latente intermedio, como es el caso de Google News o Google Product Search actualmente.

]]>
tag:pablohoffman.com,2013:Post/573188 2008-07-06T18:51:28Z 2017-02-22T21:45:58Z How Privnote Really Works

Given the recent popularity of Privnote as consequence of appearing in ReadWriteWeb and the front-page of Digg, a rather heated discussion has arisen about whether notes send through Privnote are really protected against someone with access to the Privnote database.

We believe it is, and I'll explain the reasons here by detailing the exact process used to store the notes in the database. I did try to explain it before in this post but unfortunately the explanation was obfuscated at best, and incorrect at worst.

So here's what happens when you create a note in Privnote:

  1. You write the note and click the POST button
  2. The server generates a random note id, let's call it the NoteID. This is the 16 chars ID you see in the note link
  3. The server hashes the note ID and gets a HashedNoteID = Hash(NoteID). We're currently using SHA-1 as the hashing algorithm, but the particular algorithm is not very important here
  4. The server encrypts the note contents (and also the email and reference, if there is any) using the NoteID, and stores the encrypted version in the database using the HashedNoteID as the database primary key

If someone with access to the database would like to read the note she would be unable because she doesn't have the key to decrypt it (NoteID), only the database primary key (HashedNoteID). The HashedNoteID cannot be used to "go back" to the NoteID because hashes are "one-way". So the only person who can actually decrypt (and thus see) the note is the one who has the original NoteID or, in other words, the one who has the link to the note.

For completeness, this is what happens when you view a note in Privnote:

  1. The server extracts the NoteID from the URL
  2. The server hashes the NoteID and gets the HashedNoteID. This is the same HashedNoteID used when generating the note, since the NoteID used to make the hash is the same in both cases
  3. The server retrieves the note from the database using HashedNoteID as the database primary key and decrypts its contents using NoteID as the encryption key
  4. The server shows the page with the decrypted note
  5. The server permanently deletes the note from the database, keeping only a record of the HashedNoteID, the time when it was read, and the IP address where it was read from, to show it when someone tries to see the note again

I apologize for not being clear in my original explanation, and hope to have explained myself better this time. Thanks to everyone who corrected me and provided a better explanation, both here and in other blogs.

Finally, I must say that we have received a lot of great feedback these days, and that motivates us to keep improving Privnote as well as making it available in more languages.

]]>
tag:pablohoffman.com,2013:Post/573192 2008-06-29T13:14:52Z 2013-10-08T17:24:09Z Privnote And Google App Engine

At first, Privnote looked like an ideal application for porting to Google App Engine because:

  • it's already written in the "official" App Engine platform (Python+Django)
  • it's entirely based on a request/response mechanism
  • we would forget about scalability problems forever

So we give it a try and implemented a prototype, just to see how it goes, but, in the end, GAE didn't work because:

  • it doesn't have support for SSL, which is mandatory for Privnote
  • it doesn't support third-party Python C extensions (which we use in Privnote) unless they're pure-python modules

As for scaling Privnote, we''ll have to try other alternatives, but it was a good experience to gain some knowledge about Google App Engine and cloud computing, which are very hot topic these days.

]]>
tag:pablohoffman.com,2013:Post/573200 2008-06-29T12:34:02Z 2013-10-08T17:24:09Z Corporate Blog Or Personal Blog

When I launched Insophia, about a year ago, I wanted it to have a blog, right from the beginning. So I chose Wordpress as the platform for the site. However, in many occasions, when going to write something, I faced the question of where to post it. Should I post it in the Insophia (corporate) blog or here, at my (personal) blog?. And, even thought it may not seem that important at first, several articles never saw the light because that uncertainty prevented me from going on.

So I'm happy that I finally made a choice. From now on, I'll write everything here. I can always aggregate the articles in the Insophia blog, if I see the need. My original idea with the Insophia blog was to be written by all Insophia people but, after a year, there are only 3 articles and all of them written by myself. Why did this happened?. Not much bloggers at Insophia, I guess. In any case, the "new" Insophia blog will be more like a "News" section (with quick short posts) and all articles (well, at least mine) will be published here.

In the future, if some people at Insophia become interested in blogging (blogging should be encouraged, but never -ever- enforced) we could aggregate all their blogs into the Insophia blog.

]]>
tag:pablohoffman.com,2013:Post/573204 2008-06-29T11:29:58Z 2013-10-08T17:24:09Z Sending Private Notes Using Privnote

Have you ever wanted to send some highly confidential information (like credit card information or root passwords) over the Internet and were afraid others could be sniffing your traffic?. Well, I have, all the time. I've always being paranoid about this, so that's why we, at Insophia, came up with Privnote, a tool for sending private notes over the net in a very easy and secure way.

All you have to do is enter the site, write the note and click Post. Then you get a link that you can send to the only person you want to read it.

What makes it so secure then?.

Two things mostly:

  • SSL encryption makes sure the note contents never leaves your browser (neither arrives at the recipient browser) in plain text
  • When the note is read (by clicking the link) it automatically self-destructs so no one else who clicks the link could read it. If the note was not read by the intended recipient, at least he/she will known that someone else did it and that the content was compromised

What about the site administrators, you may ask, those ones who always seem to have "full power" over your data. Well, with Privnote, those cannot read your note either. The explanation is a bit more technical, but here it goes: When the note is received by the server, a note ID is created (the same ID you see in the link to read the note). The note contents is then encrypted and saved in the database but (and here's the magic) the salt to encrypt the note is not the note ID but a hash of the note ID. Hashes "one way" so you cannot go back to the note ID from the hash. So the note gets stored in the DB encrypted with a token that only the person which has the note link can read it. Oh, and we also have web server access logs disabled which makes impossible for any administrator to decrypt the note contents. So, as you can see, the only person who has the key to decrypt it is the one who has the link to the note.

As an additional feature, you can get notified when your note gets read, something that (even today) is not possible with any email or instant messaging software.

Also, I want to mention that the application is available in English and Spanish. By default, it works in the language of your browser, but you can change it using the language selector in the top right corner.

I would like to hear your thoughts about it, feel free to post any comment, criticisms and suggestions.

]]>
tag:pablohoffman.com,2013:Post/573205 2008-06-01T01:09:00Z 2013-10-08T17:24:09Z ¡Google Me Copio El Favicon!

Yo sabía que de algún lado me sonaba el "look" del nuevo favicon de Google...

favicon de pablohoffman.com (desde 2004)

nuevo favicon google.com

Voy a contar los pixeles iguales y si superan el 50% los demando! :)

]]>
tag:pablohoffman.com,2013:Post/573210 2008-05-06T19:53:01Z 2013-10-08T17:24:09Z Connect To Virtualbox Guest Pcs Via Ssh Without Bridge Utils

I needed a virtual machine for debugging some Python memory leaking software without risking the health of my Ubuntu system. VirtualBox was my first choice because of its ease of install (just "apt-get install virtualbox"). Since I wanted to access the VM via ssh (instead of using the VirtualBox console) I found a bit annoying not being able to access the guest PC from my host PC. This is because VirtualBox does user-level NATing for providing connectivity to the guest PC. Although you can change the default virtual networking method, and use bridging instead of NAT, that requires installing bridge-utils and some networking configuration changes). I wanted something simpler, which didn't involve installing additional software or modifying my network settings. After all, that's the reason why I installed VirtualBox in the first place: to leave my system untouched. So after peaking at the manual, I found VirtualBox supports port forwarding between the host and guest PCs.

You have to run the following commands with the guest PC turned off:

VBoxManage setextradata "Guest PC" "VBoxInternal/Devices/pcnet/0/LUN#0/Config/ssh/Protocol" TCP
VBoxManage setextradata "Guest PC" "VBoxInternal/Devices/pcnet/0/LUN#0/Config/ssh/GuestPort" 22
VBoxManage setextradata "Guest PC" "VBoxInternal/Devices/pcnet/0/LUN#0/Config/ssh/HostPort" 2222

Where "Guest PC" is the virtual machine name, the same name you see in the machines list (in the VirtualBox main window). Those commands add a local forward from TCP port 2222 (on the host) to TCP port 22 on the guest.

So now you can access the guest PC via ssh by running "ssh localhost -p 2222"

If you want to make it even simpler you can provide a quick shortcut by adding these lines to your ~/.ssh/config:

Host guestpc
    Hostname localhost
    Port 2222

After that, you can connect by just typing "ssh guestpc"

]]>
tag:pablohoffman.com,2013:Post/573216 2008-04-08T06:59:02Z 2013-10-08T17:24:09Z Google Launches Google App Engine

Google has just launched AppEngine, a new hosting service with "all the Google infrastructure" available for you. For now, it only supports my favorite language, but they may add more languages in the future.

A couple of things that come to my mind now:

  • If you're running a hosting company, you should re-consider your business, specially if it's a python/django one
  • This is a huge booster for Django and, at the same time, a big blow for Rails
  • Guido joining Google was a good idea

Let's see how it goes, but I foresee a promising future for this one.

]]>
tag:pablohoffman.com,2013:Post/573220 2007-12-30T14:42:24Z 2013-10-08T17:24:09Z Mounting Freebsd Ufs2 Partitions On Linux

It took me some time to find out how to do this, so I'll post it here hoping that someone will find it useful.

First of all, "fidsk -l" won't show all your FreeBSD disklabels, you'll have to do "cat /proc/partitions" to find the partition you wan't to mount. If the Kernel has support for disklabels (it comes by default on modern Kernels) you will see all your BSD disklabels.

Example:

# cat /proc/partitions 
major minor  #blocks  name

8     0  195360984 sda
   8     1     104391 sda1
   8     2    1044225 sda2
   8     3  194209785 sda3
   8    16   78184008 sdb
   8    17   78180291 sdb1
   8    32  117220824 sdc
   8    33  117218241 sdc1
   8    37    1048576 sdc5
   8    38    2097152 sdc6
   8    39    3145728 sdc7
   8    40    1048576 sdc8
   8    41  109878209 sdc9

Suppose I want to mount /dev/sdc9 (it was /usr in my old FreeBSD) on /mnt. This is the command to do it:

mount -r -t ufs -o ufstype=ufs2 /dev/sdc9 /mnt

Support for UFS2 is read-only.

]]>
tag:pablohoffman.com,2013:Post/573224 2007-12-21T23:12:04Z 2016-06-08T18:19:08Z Managing Your Configuration Files Using Subversion

When you have accounts in dozens and dozens of servers, it could be hard to replicate and keep track of all your configuration files (aka. rc files). To be honest, that's the reason why I never used rc files in the past, and always tried to stick with the default behavior of programs. But, for some time now, I've been using Subversion to keep and manage my personal rc files and it has proven extremely useful. If you don't know Subversion I recommend you to read about it, even if you don't plan to use it for development. It's a great tool for keeping track of files, not necessarily source code. The Subversion book is the reference, but you can also find plenty of tutorials online.

So the idea is simple: just use Subversion (SVN) to keep track of your configuration files, like you would use it to keep track of source code.

To create a repository for your personal rc files you would do something like this:

cd ~
svn mkdir -m "adding pablo rcfiles" https://svn.insophia.com/rcfiles/pablo
svn co https://svn.insophia.com/rcfiles/pablo .

Then, when you want to add some configuration files to revision control you would do:

cd ~
svn add .vimrc
svn ci -m "added vimrc to rcfiles"

Finally, when you edit some configuration files you can commit in one server and then run "svn up" in the all rest to synchronize to the last version, so you only need to modify your configuration files once, which is great. Also, if by some reason you broke a configuration file you could always revert to any prior version of the file (SVN provides this functionality). So, this is useful even if you don't have accounts in multiple servers.

We also use this approach at Insophia to manage the configuration files of our servers, and it has proven equally useful.

]]>
tag:pablohoffman.com,2013:Post/573230 2007-12-21T22:22:37Z 2013-10-08T17:24:09Z Transparent Connection Proxies Through Ssh

Have you ever ssh'ed into a remote server and wondered if you could run a program using the connection from that remote server in a transparent and easy way?

Well, you can and it's quite simple. Here's the recipe for Linux.

1. Install tsocks using your Linux distribution package manager (preferably) or compiling from source.

2. Add a file ~/.tsocksrc with this content:

server = 127.0.0.1
server_type = 5
server_port = 9999

3. add this to your environment variables:

TSOCKS_CONF_FILE=~/.tsocksrc

4. ssh'd into the remote server by typing:

ssh -D 9999 user@server

5. launch the application using tsocks. For example, if you want to run Firefox using the remote server connection, type:

tsocks firefox

There you go. The program will run using the connection from the remote server (where you have ssh'ed) in a complete transparent way, no matter which ports the program uses. An alternative way is to run the programs with this environment variable set:

LD_PRELOAD=/usr/lib/libtsocks.so

That would use the tsocks library always, even if you don't run the program with tsocks.

If tsocks is not available you still can do this if the application can be configured to use a SOCKS5 server (localhost:9999 in this case). For example, in Firefox you would have to go to: Preferences - Advanced - Network - Connect - Settings, and enter SOCKS Host: localhost, Port: 9999.

]]>
tag:pablohoffman.com,2013:Post/573233 2007-11-10T14:03:37Z 2013-10-08T17:24:09Z Domains Stolen Through Whois Queries

Beware of the whois service. There's a lot of people in the world spying whois queries to steal domain names.

Back in August I was looking for a cool name for my company, and the domain name was the starting point. To tell you the truth, insophia.com was not the first one at all, although I'm now convinced it was the best ;) I started with others (arguably more or less) cool names, which some bulk DNS selling company stole from me after 4 days of making my first whois query to find out if they were free. And I didn't even use any public web page for making the queries, I just used the good ol' unix command line tool.

So my advice is: if you are looking for a cool dot-com name, register all the "not so cool" domain names you find on the way, even if you are not sure at first (you never are anyway) whether you're gonna keep them. Because, when you get to decide, it may be just too late.

]]>
tag:pablohoffman.com,2013:Post/573240 2007-11-02T18:39:42Z 2013-10-08T17:24:09Z Iphone En Uruguay

Desde el martes mi nuevo celular es un iPhone. Al igual que hice con el V3, aqui les dejo los pasos necesarios para configurarlo con ANCEL.

Estos son los pasos necesarios para desbloquearlo (gracias Jimmy!) y hacerlo andar con la tarifa plana WAP de ANCEL. No estoy seguro que sea la forma más optima de hacerlo, pero doy fe que funciona para iPhones que vienen de fábrica con firmware version 1.0.2 o 1.1.1.

1. Downgrade a 1.0.2 (solo para iPhones con firmware 1.1.1)

En mi caso el iPhone me vino con la versión 1.0.2 de firmware, por lo que no tuve que hacerle un dowgrade. Sin embargo, tengo conocidos que lo han hecho y les funcionó. Sin embargo, no conozco a nadie que haya logrado desbloquearlo con la 1.1.1 y le funcione con ANCEL.

Este paso solo es necesario para iPhones con firmware 1.1.1. El downgrade es para volverlo a la versión 1.0.2 de firmware, que es la que funciona bien con las tarjetas de ANCEL, aunque probablemente tambén haya forma de hacerlas andar con la 1.1.1 pero aún no lo he probado.

Para hacer el downgrade hay que seguir los pasos de esta página. Limitarse solo a los pasos de esa página, no seguir con los siguientes partes.

Con eso ya tenemos el iPhone con firmware 1.0.2.

2. Activar y desbloquear

Ir a esta página y seguir todos los pasos, incluyendo las siguientes partes.

3. Configurar WAP ancel

Seguir con los pasos de esta página con las siguientes modificaciones:

  • en el paso 2 cambiar el APN por "wap" en lugar de "wap.voicestream.com"
  • en el paso 3, utilizar el siguiente archivo proxy.pac:
    function FindProxyForURL(url, host)
    {
    if (isInNet(myIpAddress(), "10.0.0.0", "255.0.0.0"))
        return "PROXY 200.40.246.2:3128";
    else
        return "DIRECT";
    }

Mas adelante seguiré actualizando este artículo cuando descubra otras cosas como hacerlo andar con la versión 1.1.1, etc. Aunque en estos momentos no ando con mucho tiempo para probar nada.

Otra cosa muy útil es poderse conectar a Internet (con la laptop) utilizando la conexión del celuar. Yo logré hacerlo con el iPhone siguiendo estos pasos pero es un procedimiento muy tedioso y no da para hacerlo todos los días, como lo hacía con el V3 que me lo detectaba como módem y podía conectarme y desconectarme al toque. Para el iPhone es mucho más complicado, ya que hay que compartir la conexión WAP por wifi. Según tengo entendido, esto es asi porque Apple intencionalmente no quiere permitir hacerlo, por los acuerdos que tiene con las proveedoras. Ya publicaré mas información al respecto.

A propósito, si logran hacer andar una conexión con un celular que brinde interaz de modem (como el V3) y quieren tener un acceso a Internet menos limitado (ya que ANCEL utiliza un proxy que bloquea todos los puertos) les recomiendo seguir esta muy buena guía de Francisco Castro, donde explica como hacerlo en Debian, aunque para otros Linux es muy similar.

]]>
tag:pablohoffman.com,2013:Post/573154 2007-11-01T21:43:09Z 2013-10-08T17:24:08Z Google Vs Facebook

Brillante la movida de Google para competir contra Facebook.

Están, básicamente, repitiendo lo mismo que hicieron con Google Talk para competir contra MSN.

Los aplaudo. y no necesito desearles suerte porque ya sabemos cual es el resultado de un protocolo abierto impulsado por una empresa gigante: éxito inevitable ;)

]]>
tag:pablohoffman.com,2013:Post/573158 2007-10-22T21:22:25Z 2013-10-08T17:24:08Z Email Obfuscation Techniques

Email obfuscation techniques are used to hide email address from spammers. They're used to show email addresses in web pages without the risk of exposing them to spam bots which constantly crawl the web harvesting for them.

In this article, I'll describe 3 techniques I've used to obfuscate email address.

1. Obfuscating the HTML code

This one consists in writing the email using HTML entities and (optionally) <span> tags. For example, if you want to to display the email "user@example.com" you would insert some code like this:

<span>u</span><span>s</span><span>e</span>
<span>r</span><span>@</span><span>e</span>
<span>x</span><span>a</span><span>m</span>
<span>p</span><span>l</span><span>e</span>
<span>.</span><span>c</span><span>o</span>
<span>&#109</span>

The <span> tags are optional but add an extra layer of complexity for spam bots trying to discover email address inside the page code. The advantages of this method is that the email is displayed seamlessly, in the same font as the rest of the text. However this is not a very effective method since most bots do automatic HTML entities translation on the fly removing <span> tags and HTML entities.

2. Using server side code

This one consists in using a server-side script (such as PHP) for generating an image containing the email that you want to display. This is the technique I use in my company website and is much more effective than the first one, although it doesn't display the email in the native page font, so the email will look more or less awkward depending on how different are the server font from the client browser font.

So, instead of inserting the email you would insert something like:

<img src="http://insophia.com/email.php?u=prh" />

Here is the source code of ths script I use in insophia.com (written in PHP using the GD imaging library).

As you can see, the email is not contained in the code at all since the script already knows the domain and automatically adds it. That's what makes this method so effective.

3. Using client-side (javascript) code

Finally, you can use Javascript (client side) code like the one I use in my personal contact page.

For example, if you want to display the email "user@example.com" you would insert a piece of code like this in your HTML:

<script language="javascript" type="text/javascript">
var part1 = "user";
var part2 = "example.com";
document.write(part1 + '@' + part2)
</script>

This technique is also very effective. It requires the browser to be Javascript enabled but that's probably a safe assumption these days, since most web pages requires JS to run.

]]>
tag:pablohoffman.com,2013:Post/573163 2007-10-02T12:06:44Z 2013-10-08T17:24:08Z Spam Is Over

It is over, but not in a traditional sense. I mean, I still receive loads of junk mail daily but they all go straight to the "Spam folder" so I never get to see them, pretty much as if I had never received them. Spam is just something I don't care anymore.

For me, it's quite clear now that Spam filters have beaten spammers, hands down. Of course you need to use a decent spam filter but, frankly, who doesn't? (when Gmail already provides an excellent one). There are also very good open source alternatives such as spamassassin and dspam, the latter which I've found extremely efficient. So, if you ask me, Spam is over. Sorry spammers, you've lost. Now let's focus on more important issues such as Net Neutrality.

Also, like I said a couple of years ago, Jabber will converge with email in the future (it's already happening with Gmail/Gtalk) so communication will require a previous "synchronization" phase between the parts where their must authorize each other, and that will hurt Spam very badly too.

]]>
tag:pablohoffman.com,2013:Post/573168 2007-09-19T21:25:30Z 2013-10-08T17:24:08Z Maximum Recursion Limit In Python

Today, while working on a project at Insopha, we were parsing some HTML code using BeautifulSoup for screen scraping purposes when we faced a maximum recursion depth exceeded runtime error. At first we thought it was caused by some bug in the BeautifulSoup library, but then we realized that the Python interpreter was detecting a recursion problem because of the sequence of callbacks called in the BeautifulSoup SGML parser triggered by the HTML structure which contained a lot of nested <span> tags. But it wasn't really an infinite recursion (just too many recursions) so it wasn't actually a BeautifulSoup bug.

Python comes with a default value of 1000 for maximum recursion limit but it can be changed through sys.setrecursionlimit().

So the question is: how much is safe to raise that value?. Well, Python also comes with a script to test that. Running that script (in Python 2.5) on several OS and architectures we got the following results:

  • Linux / 64 bits: 7400
  • Linux / 32 bits: 5400
  • OS X / ppc7450: 4800
  • Windows XP: 2000
]]>
tag:pablohoffman.com,2013:Post/573170 2007-08-26T02:20:31Z 2013-10-08T17:24:09Z Insophia Begins

Mucho he escrito y criticado en este blog sobre malapraxis en empresas como Microsoft, Antel y otras que (a mi entender) descuidan o equivocan el camino. Y lo cierto es que a todos nos gusta criticar lo que no podemos controlar. Es una forma de segura de criticar sin riesgos. Pues bien, ahora que realmente tengo la oportunidad de controlar mi propia empresa, espero no equivocarme o al menos no cometer lo mismos errores que he criticado en este blog.

Es entonces que, con mucha alegría, tengo el placer de anunciarles el lanzamiento de Insophia, una empresa que trabajará en el área de las tecnologías de la información (¡vaya sorpresa!). No hay mucho para decir que no esté en la página. Será una empresa dedicada a brindar soluciones basadas en software libre y, por lo tanto, tenemos pensado liberar todo el código del software y las herramientas que produzcamos, aún cuando las licencias que usemos no lo exijan (como la BSD), ya que no lo liberaremos por obligación sino porque realmente creemos que será beneficioso.

Actualmente somos 10 personas, aunque la mayoría son tímidos y aún no se animan a dar la cara :) Estamos trabajando en un proyecto web 2.0 grande de Europa en el cual desarrollamos en Python, un lenguaje muy potente e intuitivo que he usado anteriormente para NotiUY y mi proyecto de fin de carrera.

Como no podía ser de otra manera, Insophia también tiene su propio blog, aunque no pretende competir con VampiroZ ;)

Ah, y por si a alguien le interesa... we're hiring!.

]]>
tag:pablohoffman.com,2013:Post/573171 2007-07-21T10:53:48Z 2013-10-08T17:24:09Z Como Hace Plata El Software Libre

Hace mucho tiempo hacía una reseña sobre una entrevista que dió Fernando da Rosa, sobre software libre, en un programa uruguayo. De hecho, fue el primer artículo real de este blog.

Hoy tengo la felicidad de toparme nuevamente con otra entrevista brindada por Fernando da Rosa, pero esta vez a Radio Espectador donde responde muchas de las típicas interrogantes que se hace la gente que no conoce el concepto de software libre, como por ejemplo ¿cómo se hace plata con el software libre?.

Les recomiendo que la escuchen, la charla es imparcial, no tiene fanatismos, solo respuestas concretas y objetivas.

Desafortunadamente el streaming del Espectador (como software libre, al menos) deja mucho que desear, así que les dejo aquí unos links al audio de la entrevista en formatos más accesibles que RealPlayer:

Por si a alguien le interesa, estos son los comandos que utilicé para convertir el stream RealAudio de la charla a formato MP3/Ogg Vorbis:

mplayer -ao pcm:file=entrevista.wav rtsp://ms.espectador.com/audio/app_metafiles/ap070718darosa.rm
lame entrevista.wav
oggenc entrevista.wav

Gracias a Francisco Castro por facilitarme la tarea publicando el link del stream en la lista debian-uruguay.

Pueden linkear directamente al archivo desde otros blogs, el servidor tiene ancho de banda disponible y les prometo que las URLs no va a cambiar ;)

]]>
tag:pablohoffman.com,2013:Post/573175 2007-07-14T23:32:00Z 2013-10-08T17:24:09Z Mensajeria Instantanea Libre

Finalmente tengo mi propia dirección de mensajería instantánea Jabber (ver página de contacto) y, como era de esperar, igual a mi correo electrónico.

Así es, a partir de hoy disfruto de una cuenta Jabber en mi propio dominio, y no estoy atado a ningún proveedor de mensajería instantánea, lo cual me deja muy contento.

Hasta ahora usaba mi cuenta original de jabber.org (prh@jabber.org), la cual tenía registrada hace unos cinco años, pero que realmente empecé a usar cuando Google lanzó su Google Talk sobre Jabber, más concretamente desde que dicho servicio se hizo disponible a través de Gmail, que fue cuando la gente realmente comenzó a usarlo. Hasta entonces, la cuenta de Jabber era más una curiosidad que otra cosa. Pero, como ya lo decía hace un par de años, el protocolo Jabber se está imponiendo poco a poco como el estándar de facto para mensajería instantánea. Y, si bien Google ya dejó de ser santo de mi devoción, eso es algo por lo que todos deberíamos estarle eternamente agradecidos. De lo contrario, aún seguiríamos penosamente atados al cáncer del MSN.

Bueno, la cuestión es que ya soy felizmente libre con el e-mail, la autentificación (usando OpenID), y ahora la mensajería instantánea,

Si bien hostear tu propio servidor de Jabber puede estar fuera del alcance para algunos, ya hay servicios de hosting (como Dreamhost, entre otros) que proveen este servicio, aún en sus planes más baratos.

Y tú, ¿qué estás esperando para tener tu propia dirección personal de mensajería instantánea, independiente de cualquier proveedor?

]]>
tag:pablohoffman.com,2013:Post/573184 2007-06-24T18:47:06Z 2013-10-08T17:24:09Z Dynamips Simulador De Routers Cisco Para Pc

De vez en cuando uno se topa con pequeñas joyitas de software que le solucionan la vida y siente la necesidad de contarlo al mundo en su blog, porque sabe que a mucha gente le será útil el dato. Tal es el caso de dynamips, un simulador de routers cisco para PC que, junto a su frontend dynagen, hacen una pareja indispensable para el ámbito académico relacionado con routers Cisco. Y, como si esto fuera poco, ambos son software libre (GPL).

A mi al menos me ha resultado terriblemente útil para mis clases de redes en ORT y se lo recomiendo a cualquiera que trabaje con routers Cisco, tanto en el ámbito académico como en el profesional, ya que generalmente no se tienen routers Cisco de sobra para pruebas.

Les adelanto que permite "bridgear" la tarjeta de red de la propia PC a una de las interfaces ethernet del router virtual. ¡Brillante!. Lamento no haberlo encontrado antes, aunque es un proyecto bastante nuevo. Felicitaciones para su desarrollador, aunque alguien debería darle una mano con su blog ;)

]]>
tag:pablohoffman.com,2013:Post/573191 2007-06-03T05:42:37Z 2013-10-08T17:24:09Z Windows Es El Nuevo Dos

Algunos recordarán los primeros tiempos de Windows 95, cuando la mayoría de los programas aún corrían sobre DOS y teníamos que cruzar los dedos rogando para que se ejecutaran correctamente en una ventana de DOS. Recuerdo en particular el ProBoard (software que utilizaba para hostear mi BBS) pero también era el caso para muchos juegos legacy, como Mortal Kombat que (si mal no recuerdo) era uno de los más problemáticos debido al bendito modo protegido.

¿A qué viene todo esto?. A que tengo la impresión de que la historia se está repitiendo nuevamente, solo que ahora el rol de DOS lo ocupa Windows. Ahora es Windows el sistema operativo que se ejecuta en una ventana para poder correr juegos y otras aplicaciones no compatibles con el sistema operativo "nativo". Ya sea usando Vmware (Linux) o Parallels (Mac) el concepto es el mismo: correr Windows para poder ejecutar esa maldita aplicación que no aún no está portada.

La analogía del "modo protegido", si se quiere, también es válida en cierta forma, salvo que en lugar de aplicarse a instrucciones de hardware, se aplica a virus, troyanos y todo tipo de malware.

Reflexiones de domingo a la mañana... :)

]]>