Monday, August 17, 2015

15 Years of using Linux, Revisiting Mandrake 7.1

The first time I permanently installed Linux was in late 2000. This was before I had any much programming experience but had already developed an interest in computers and computation. One of my buddies, Anton, had interested me in some of the things he was studying at the time so I started looking into Linux. Mostly it was just a curiosity. I had little exposure to anything besides DOS and then Windows, and the intrigue of Linux being a free operating system developed by like-minded hackers in their spare time was why I decided to re-partition my 450mhz Pentium III Dell with Windows 98 and install Mandrake 7.1 on the re-sized partition. This wasn't my first Linux (Redhat 5.1 being the first) but this was my first permanent install. I had learned and grew with this install and spent many hours getting it configured just right, reconfiguring, rebuilding the kernel from source, and just all around tinkering and learning the facets of the system. I also used this environment to take baby steps in different programming paradigms and realized what I would be doing with the rest of my life (profound, I know).

It was 15 years ago this month that I purchased the August/September 2000 issue of Maximum Linux, a now defunct Linux magazine that bundled Linux CD's or other software with it's issues. Only a few months later on February 15, 2001 the magazine announced it was shutting down. I feel lucky, because at the time I had dial-up and the prospect of downloading hundreds of megs of Linux CD's just to give it a try would have been discouraging. Considering that to download this would take days for a single .iso file and I'm sure someone would have to use the phone in the mean time.

VirtualBox

Setting up my vm. 384mb was what my Dell had
Times really have changed. Today I can try new Linux almost immediately: With a few clicks I can spin up remote instances using Amazon EC2, or use any number of tools to get a working Linux on a local virtual machine. Mandrake 7.1 was before the days of the Live CD, so to try it you must have it installed. And since virtualization was still relatively new and expensive, I had no choice but to resize my windows partition. However today is much different, since today I'm installing an old version from an old CD-ROM to a virtual environment using VirtualBox,  an environment that is mostly usable and friendly to just about any operating system version. With VirtualBox I had to set up an IDE disk instead of the default SCSI. This time, instead 384mb I cranked it up to 4096mb. I don't think Mandrake supported SMP for multi-core processors out of the box, so I didn't bother to assign additional cores. And of course this is 32bit operating system so I chose the 32-bit Mandriva Logo for my VM.

Boot 

Booting Linux
Mandrake 7.1 CD boot screen
So after booting my virtual machine and selecting my D: drive to load the physical media I'm now staring at the Mandrake 7.1 boot screen, prompting me to install a fresh copy of fifteen year old software. What will I find? What will I remember? Well, I do remember this splash screen and those happy looking penguin icons, and the ephemeral splash screen star logo and output that fills the screen when I pressed enter to start my install. I recall the feeling I had when this occurred: I thought it was really cool to see this much output of what was happening with my computer. Not just a logo, but a logo and a lot of stuff I had no idea about at the time.


Installation

Install Screen
The install process was quite smooth. This set of steps has become more streamlined in recent years, and I remember that only within the past few years distributions will start the installation earlier and prompt questions while it is writing packages to disk. Back when this version was released that was not the case: there are a bunch of questions before and after the files are transferred, which is a bit frustrating and an obvious waste of time.

The one part of the install that stood out the most was formatting. In modern operating systems this takes very little time, but here it took quite a while. I didn't get an accurate count but it was at least a few minutes.

Formatting took a while..
As the file transfer of the packages being installed progressed I was  excited to see the packages names for software I wanted to check out- gcc, qt, netscape.


Setting up partition table
Installing packages


Logging In

A few minutes later my system boots and I'm presented the a crude and very old looking login prompt. All of the colors are basic, and icons look old as well. I log in and run uname -a to see what version of the kernel this is: Linux 2.2.15-4mdkfb, compiled May 10, 2000. I think my first impression of looking at an old window manager for the first time in so many years: everything looked great in a retro way. I was expecting to see something that was out dated and non-functional, but the blocky old style fonts and icons gave it a retro feel that so many games and software are now starting to imitate. I'm quite impressed how well everything seems to just work.


Window Managers

I didn't try them all out or even go into much depth, just logged into gnome and KDE get a feel for the old icons. I later took a look at enlightenment which not surprisingly looks almost identical to what e16 does today. My take away was that the Gnome icon's back then were way too dark and ugly, where the KDE icons had that isometric projection that made it felt like a Commander Keen game.






Netscape 

Now this was really blast to take a look at, even though I was unable to load any network adapter that Mandrake would recognize. I remember using an ISA 3com 10baseT card for networking with this OS, but unfortunately VirtualBox is limited on what it provides for emulation. All the technical aside, I decided to load up Netscape and look at some local content just to get a feel for turn of the century web content.


KDevelop 1.1, Qt 2.1
In the many years since my first experiences using a GNU/Linux based OS I've learned quite a bit about software development, and for the most recent 5 or 6 years I've been doing a lot with Qt. When I last used Mandrake I had known nothing about building large Qt based C++ applications and had only basic experience with programming in general.  I didn't use the IDE back then, so today I'm very interested to see an open source IDE from 15 years ago.

KDevelop 1.1 is incredible to start using, because again what caught my eye were those big blocky icons and ugly generic font for the text editor. I created a new project using a wizard and took a look at the Qt 2.1 MDI project. It was really cool to see some old school Qt code and how similar it is to what is currently used today, but unfortunately GL is missing from the default install, so I couldn't see QGL in action. I'm actually lucky that at least KDevelop was included by default on the install CD, along with Qt development libraries. After playing with KDevelop a bit more extending the sample project I started to get a feel for how incomplete the editor is today compared to any modern IDE. At work recently I recently built a Python editor and runtime environment, and I already have some more advanced features than this version of KDevelop sorely lacks (which were probably not yet imagined at the time).

Seeing that this project is just to poke around, and that I am not actually planning to ship Qt 2.1 software, I reluctantly decided to stop playing and move on.



Python/Perl/PHP

Just to get a wider feel for the system of the day I decided to search for these popular tools of the day that survived to today. Seeing as though I'm just getting my feet wet with python, I decided to fire up the interpreter in an interactive session and found out that this version is at 1.5.2. I really don't know what that means for the language in general: what changed from 1 to 2? I haven't even learned the difference between 2 and 3, and those are still in use today. All the basic stuff (the stuff I know) seems to work! Next I start up a Perl interactive session just to check out the version number, 5.6.0, and then run locate to find mod_php3 using version 3.0.16.

Final thoughts

I really liked reminiscing on my early days, especially with this experience that I had today. I didn't know if I would recognize what I was seeing but with some time it all came back. It was also quite fun to be able to now be able to use and understand the entire system, where as when I was first introduced to these new tools I was unable to utilize them. However, times have changed and even though I could probably hack away at this all night, my time is probably best spent on real projects on modern software. With it's nostalgic look and feel I really wished I could just keep using this as my daily dev box, however I already spent more time than I thought I would just loading and screen shotting so I decided call it a day. 

I never did resolve the network issue with VirtualBox, but when looking for solutions I came across a website that hosts old Linux CD's. They even had a listing for of Mandrake 7.1 disks but unfortunately the files were missing.

On a final note about Mandrake: Mandrake Linux doesn't  exist anymore, and had since been re-named to Mandriva. And since 2015, Mandriva has been liquidated. I think this was quite unfortunate, since Mandrake was one of the staple distributions that sparked interest in Linux and free software for a long time, but looking back now I realize that even if your roots were bleeding edge- the landscape is now completely different than it was back when I first got started.

Tuesday, May 5, 2015

Motorists vs Cyclists: comparing the rates of injury to pedestrians in NYC

I recently saw this link on reddit which shows cyclists running red lights, almost colliding with pedestrians. After reading through the comments I realized that many redditors in NYC are themselves cyclists. The discussion in the comments was quite shocking and divisive. The fact that other cyclists were defending this behavior seemed quite annoying since I also read quite often about cyclists injuring pedestrians, and even kill them more often that I can feel comfortable about. My girlfriend is often complaining to me about the citi bikes going the wrong way almost plowing her over on a regular basis. I got to thinking: how often do cyclists seriously injure pedestrians? I took a look for some stats on the subject and found an interesting study on the subject. In 2011 the rate of serious injury of a pedestrian by a cyclist in NYC was 6.06 per 100,000. What I did like to see from this study was that at least the numbers were in decline over the last few years of the study. However, knowing that I have a real chance of being hospitalized by a cyclist got me to not only worry, but wonder: what are the rates for motorists? How do they compare?

Please note: I'm not a statistician. My analysis may be inaccurate so please check for yourself.

Motorists v Cyclists: populations

First I wanted to get a good apples to apples comparison as much as I could. I wanted to find out the total number of motorsits and cyclists and to compare the numbers I found.  A few easy google searches on the subject lead me to nyc.gov sites with DOT stats and reports on motorists, cyclists, and incidents. The best stat I could get for motorists were the DOT registration numbers. In 2013 there were approximately 2 million registered motorists in the five boroughs. For the cyclists I found a document that has counts for cyclist reported from six different cycling hot spots. The average number of cyclists for all months for all six hot spots was about 20 thousand. Given the two numbers I have for both motorists and cyclists and that they are not accounted for the same way, I'm not sure if these numbers are a good basis for comparison however I have no alternative. Assuming that these numbers are comparable, there are 100:1 motorists to each cyclist in NYC.

Motorists v Cyclist: incidents

Likewise for incidents it was very easy to find data on the subject but I was similarly uneasy using what I found as a basis for comparison. For incidents of motor vehicles injuring pedestrians I found a page that summarized the NYPD reports for 2013. Assuming that their reporting is correct I found 12014 pedestrian injuries and 168 deaths for a total of 12182. For cyclists I couldn't find a 2013 set of numbers but I turned back to the 2011 study from the first paragraph to pull the totals. In 2011 there were 501 total injuries by cyclists. Although I can't match apples to apples since the years are different I can only make a broad assumption: there were approximately 24:1 incidents, motorist to cyclist.

Conclusion

Based on the numbers above and taken with some salt you may agree that cyclists are more dangerous to pedestrians than motorists. Based on the data, a cyclist is 4x as likely to injure a pedestrian than a motorist.

Monday, November 11, 2013

Google: No I don't want to "Stay signed in"

The Google recently updated their sign-in page but few may have noticed the subtle changes that are now almost forcing a user to stay signed in.

First off, every time you sign-in the check box is checked by default. Even if you sign in and out- the web page remembers your accounts but will not remember your preference for staying signed in.

Second- if you are signing in and un-check the box but mistype your password the page reloads with the checkbox re-checked.

Third- Since you now are back at this screen and may want to un-check this box again, the tab order is now altered. Before you could simply tab twice past the password box and hit the space-bar to un-check the checkbox. Now a link is in the way- if you tab twice and hit space-bar it will sign you in with the checkbox checked!

All of these seem kind of trivial for most users. Most people want to stay signed in on their personal computer. But for me and many like me I need access to my email from computers that are not my own. For me, having additional ways for my account to accidentally persist its session are cause for concern. Considering that Google probably has large team of people to think about all these scenarios it is also apparent that these changes were intentional to have the user stay signed in as much as possible, even if by mistakte.

Saturday, October 19, 2013

Android Permissions: what you should look for before clicking Accept

Chase Mobile
I don't intend to single out these apps in this post for their use of these permissions, as it seems that most android apps ask for and receive too many permissions when the apps are installed.

The Chase online banking application needs some permissions to enable some of the features of the app. This app allows the user to deposit checks using their phone and locate an ATM branch using GPS and mapping output. The app also initializes the dialer to auto-enter (but not dial) the support service.
These features seem useful and sure, they need to access the GPS, network, camera, and phone dialer.
but some other permissions seem to be out of the scope of normal banking and may not even be associated by user initiated features of the software.  which make me wonder what features they have actually use them:
- Disable screen lock: This one is strange. If they can disable the screen lock they can certainly 'spoof' a screen lock once the normal one had been disabled.
- Mock location sources for testing: One could imagine this could be used to tell the user that they are somewhere they are not.
- Take Pictures and Videos: Maybe these permissions are bundled, but should they? Taking a single photo to deposit checks is one thing, but a video seems to be too much
- Your Social Information: Modify contacts, read call log, read contacts, write call log. I can't imagine a legitimate use for any of these. Maybe if "modify contacts" is to include "add contact" if they want to push a Chase contact into my address book, maybe. But the rest sound like clear overreach.
Chase Mobile Branch Locator

Chase Mobile EULA

Super Bright LED Flashlight is an App on the Play marketplace that turns your Android smart-phone into a flashlight by turning on/off the flash LED that is built in for use with camera. The only features  or functionality/features I noticed are:
  • On/Off slider
  • The ability to 'blink' 
  • Super Bright LED Flashlight
  • Sound feedback on/off switch
  • Banner ads on the bottom
  • Reminder to rate the application
To be completely honest I found this app to be useful and fun to use. The slider graphic and ability to switch into blinking mode were not very useful but it made it a well rounded application more than just an on/off button for an LED.
However, even though I was happy with the features it gave me I am still a bit confused why it needs so much access to the phone itself. I'm guessing this has to do with how the application was built, rather than to provide functionality to the features that are given to the user. And since all I really wanted was a flashlight- pretty much anything besides access to the camera shouldn't be asked for, right?

 Storage: Modify or delete the contents of your USB storage
 User Features: I'll venture to guess this could be to save and load the status of the settings for the flashlight such as the blink setting or the sound on/off.

Your Location: Approximate location (network-based), precise location(GPS and network-based)
When I saw this feature in the list prior to first installing the app I thought maybe it was to link to where I was using the flashlight, or maybe while I'm using flashlight I can snap a pic? Now I'm guessing at best must be linked to the ads that appear, and at worst to track where I'm using their app.

Camera: Take pictures and videos
Just like with the chase app it seems this permission is linked to all possible functions of the camera. It doesn't even mention turning flash on-off but it must be part of the camera controls and is therefore linked to this explicit permission.

Your applications information: Retrieve running apps
I can't understand why a flashlight app would need to know what other running apps are loaded. Maybe there is a feature that tracks usage of the apps to gaugue how much power usage is being drained over time to let the flashlight know when it should turn off? The app doesn't appear to have this feature but I can't say I have used it while the phone has been running out of power to know for certain. The only reason I can guess if it is not a feature it is something to track the users habits for sale or use by the people distributing this app.

Phone Calls: Read phone status and identity
This one is also confusing. Why would a flashlight need to know if the phone is in use or who is using the phone? These two permissions are probably bundled, as we have seen with the Camera, so maybe one of these has a legitimate use. I must guess that the flashlight wants to turn off if a call is coming in (or flash, or something) which would be a good feature to have so the flashlight doesn't burn the battery when the user is on the phone.

Network Communication: Full network access
Most flashlights I have used in the past have not had access to communication networks. On the face of this permission it seems very obvious at this point they are not simply providing a free flashlight for you. They want you to provide feedback, click ads, and possibly send more data for them to use or sell.

System Tools: Modify system settings, test access to protected storage
As with most of the other permissions it is not clear what you are allowing the application to do. As we noticed before there are some permissions not explicitly granted in the permissions dialog, but are assumed implicity by the Android operating system. For this permission it is very unclear what the application may be doing to require this permission or what this permission really means. If we look at just these two permissions we have to assume that this app can change brightness settings, network settings, sync settings, and any other settings in the settings panel- possibly installing and uninstalling software they have decided (anti-virus, etc). This appears to be a security hole and I can't even imagine what the flashlight needs from this setting. The second setting is just as bad. The app is testing access to protected storage- possibly to check if the app can do something and get away with it without causing the operating system or anti-virus to flag the behavior.

Affects Battery: Control flashlight, prevent phone from sleeping
I got through all these settings, giving the benefit of the doubt to this app that they simply want to control the flashlight and maybe they are doing some tricks to get that to work- such as accessing the camera or possibly some system settings. It seems that is not the case.

This app wants to do a lot more than provide a free flashlight- it wants to control your phone.


Flashlight Permissions 
Even more Flashlight
Permissions
Flashlight Rating Reminder

Tuesday, March 12, 2013

Chromebook Pixel: Another follow up

I rarely buy something I can't touch first but after I saw the Pixel announced I knew exactly what they did. They made the perfect developer laptop, and that's what their intention was.
I think most people are like me, and what I am looking for is:
  • Full size, fully functional keyboard. I was skeptical at first- after I ordered the machine I realized I hadn't even looked at the keyboard layout. THen I looked online before it shipped and saw things like a power button, a search key, no function keys. That was off-putting but nothing was really missing. Search key instead of caps-lock. That's better. The keys that I thought "weren't" function keys, actual are. They just have actual functions now.
  • Bright big display. With 4:3 aspect ratio you can get more screen by going vertical. Other manufacturers with full size keyboards that have 16:10 or 16:9 won't get as many vertical pixels. This display is actually quite huge considering the amount of pixels it has- making it 'bigger' than my 30" monitor at 2600x1700. But not only is it huge, I can use it well too. The problem I've had with the 30" is having to move my head to see all those pixels on the screen. I end up using that display at a very crisp 1280x800 instead. On the pixel I can use all those pixels, and see them all. The display is small, but huge.
  • Thin, yet sturdy. It's not made of plastic, this thing is pretty solid. Some laptop screens are way too thin and seem like they would bend or flex. This one is thin but solid. I threw the thing off my bed last night at 3am after I fell asleep watching a documentary on North Korea- the thing SLAM on the floor probably scare the crap out of the guy living below me. Not a scratch. I thought the hinges would have bent or something, because this thing hit really hard, but nothing. No scratch.
  • Expansion, ports: Pixel has SD card reader to expand memory. I would have been happy to get USB 3 but to be honest I don't really transfer files too much any more. They are saved on the network.
So far I'm loving my Pixel, even though to be honest it's not my primary because it just stays home for now. I do some work on it from home but I am tempted daily to bring this to work to start using there because the feel of this machine is just great. My only dislike for the machine and probably the main reason I wouldn't use it at work is the glare. I hate screens with a reflection. This one is great to work at home but at work I'll have other light sources to ruin the experience.

Plato's Guardians

In Plato's Republic there is a discussion of the Guardian class, those that are imbued with power from the society in order to help guard it from itself. The only way this Guardian class can exist is if it has a special privilege. This class are the guardian/ruling class of the society. In the Republic, Socrates discusses the founding of a republic with Glaucon and Adeimantus and determine that this Guardian class is necessary for the stability of the republic to exist. I was thinking, yes this may be the case- that a balance of power given by the people to this ruling class is a fair trade, as long as the power is within reason and is held in check.
What we have been seeing lately in the US has been concerning to most people. Increased militarization of federal and even local police forces, aquisition of immense stockpiles of arms and ammunition, and possible use of drones to target citizens.  While I don't agree with these practices, I am curious to see how they are measuring to the success of the guardianship model as it has been applied to the earth.  Over the past century the 'guardian' has been gravitating toward the western world, almost completely dominated by the US.  During this time there have been questionable actions to wage wars that, even if you haven't read all the conspiracy theories on the subjects, seem completely non-credible. With all the ties and connections in countless publications and documentaries about the false flag operations throughout the world, I think we are all just on the edge of our seats to see when the next one will happen- ever since Sept 11.
But getting back to this concept of the Guardian.  Are we better off as a nation to have the guardian government militarize our homeland? Has the increased militarization over the past century helped or hurt the communities they have most affected?

Thursday, March 7, 2013

Rail guns: fastest way to mars (or moon) and back?

I recently took a look at some of what has been done for the Google Lunar X Prize to see what has been thought up of for launch vehicles. It doesn't seem like this is a concern for the participants, probably because they just figure they will stick whatever they are building to the end of a very large bottle rocket and aim up. I've been thinking about the problem of reusable launch vehicles and what would be the best way to get things to the moon, and thought first of rail guns. They are definitely reusable but require a ton of energy to launch something with enough force to reach the moon, and there is the issue of the earths atmosphere altering the trajectory. Then I thought, what If the railgun were in a low earth orbit, like a geosynchronous space station, that would receive payloads from earth to then blast off to the moon. Rail guns are also the perfect method to continuously launch materials back from the moon. Probably from its surface. The only issue I see now is- how do we bring that payload to a stop without destroying it. On the way back to earth its fine- if we are just sending raw material back it won't even matter if it is destroyed, just needs to hit some quiet place on target and the payload can be reclaimed. On the surface of the moon we would want those materials to end up safely- as parts or materials for building permanent structures, or materials for robots or settlers. For hitting the moon I'm thinking of how the approach would be. It would need a very accurate shot- from the rail gun satellite we would really likely attain that. Then, the spacecraft would need to be able to land without using too much re calibration of trajectory or expelling a large amount of fuel to slow itself down. This is where I'm a little stumped, probably because I don't know any of the physics involved. I'm assuming the shot that reaches the moon could enter an orbit that decays its velocity to a point where the resulting velocity is very low and only due to the acceleration of the moons gravity, not from the force that brought the satellite to orbit. To land safely I was thinking of inflating a large air bag to the vehicle that would soften the landing, and strike a surface so that the vehicle would roll on the surface and slow due to friction. I added a graphic below to illustrate- the projectile wouldn't "land" but would come in at an angular descent, gravity would cause the projectile to pull in, and on-board instruments would detect the object coming closer to the surface, setting off small amount of thrust to level the descent.

Of course, this is all just speculation. I'd love to talk to someone who can point out all the reasons this couldn't work so I don't have to think much about it anymore, but until then I'll just assume this could work.

The benefits of my approach are very clear, so I really do hope it is viable:


  • No need for tons of fuels for launch. We don't need to get there in a hurry, so even a minimal launch force would suffice even if it takes weeks or months to reach the moon.
  • The same method would be used for return vehicles. If we really intend to mine the moon we would want to send the materials back very easily and with low cost. This is possible with my approach
  • Launching vehicles on the way to the moon from orbit reduces the complexity and energy requirements of launching from earth. 
After thinking a bit further about this idea it became even more clear that geosynchronous orbit should be the end position of both 'sent' and 'received' payloads for each body. A gun in orbit around earth would launch a projectile such that the force used to send the projectile would help to maintain or change its own orbit or transfer energy to a flywheel. The target body the projectile is shot at would receive the payload in its orbit. Taking this a step further, a ground station could launch  a payload into low earth orbit, later met by the stage 2 launcher meeting the payload in low earth orbit. Once the payload is received and prepared for firing, the second stage would fire toward the moon, targeting a lunar orbit to meet the next stage for descent. This stage would prepare the payload for delivery to the surface.  Here, at stage 3, the payload is equipped with the lander. Lander would use reusable fuel to land to the surface, deliver the payload to the surface, and then reclaim fuel from surface material, and enter stage 4 preparation.  Stage 4 preparation would be a base station on the moon that would launch the lander back into orbit, meeting with stage 3 module.

To re-cap the 4 stages:

  1. Earth launcher, launch payload to meet low earth orbit module 
  2. Low earth orbit module, launch payload to meet lunar orbit module
  3. Lunar orbit module, land using reclaimable material from Lunar surface
  4. Lunar launcher, after Lunar orbit module reclaims sufficient material, launch to lunar orbit
At stage 4 it is required that material is reclaimed from the surface for future use in descent, this would be fuel to power thrust for a soft descent. I found a document here describing the fuels that can be used for the descent to lunar orbit. Another possibility for this last leg is a space elevator. Elevators on earth require far stronger material due to atmospheric turbulence. The moon however does not have this issue and could possible be built with far weaker and lighter materials. Space elevator may be the better option at a later phase, after the network of these stages is scaled to be able to utilize much larger mass.  From the Wikipedia article, a space elevator would require materials equal to 6100 tonnes for a single strand capable of tethering a counter-weight. Also, a space elevator would be subject to micrometeorites, potentially damaging or destroying a single strand system.