It's too dangerous to go alone. Take this.

Archive for the "Misc" Category

Report SSH login attempts over Growl

Shortly after subscribing for a linode VPS, I started getting very paranoid about computer security. It had something to do with seeing SSH produce page after page of log output that looked like this:

Nov  1 21:42:13 li30-243 sshd[3223]: Invalid user festival from
Nov  1 21:56:30 li30-243 sshd[4991]: Invalid user florian from
Nov  1 21:58:09 li30-243 sshd[5185]: Invalid user fm from
Nov  1 22:00:03 li30-243 sshd[5429]: Invalid user foo from

This is a pretty blatant dictionary attack. And my machine gets peppered with these sorts of attacks constantly. All day, every day. What’s worse is that it’s coming from multiple computers at the same time. What was even more scary was when I noticed similar log output on my macbook pro at my apartment! One good idea is to use something like DenyHosts to automatically block IPs that have too many failed authorizations in a row. In the case of this kind of distributed attack, though, DenyHosts won’t help much. But since login attempts to your personal home Mac should be rare, it’s nice to have them brought to your attention. That’s why I wrote a simple intrusion detection script that issues Growl alerts. I call it, the SID Growler. Not much explanation for this one, because it should be pretty obvious how it works. Let me know if you have any questions though!

#!/usr/bin/env bash

# Watch the OS X secure log and show growl notifications when important events
# happen

authentication error


function stripLogPrefix
    awk '{
            for (i = 6; i < NF; i++)
                printf $i" ";
            printf "\n";

IFS="|" # Separate pattern chunks with the pipe character for egrep
tail -F $LOGFILE | grep --line-buffered sshd |
    egrep --line-buffered "${PATTERNS[*]}" | stripLogPrefix |
        while read line; do

            TITLE="SID Growler"
            MESSAGE="Message: $line"

            growlnotify --appIcon "Keychain Access" $TITLE -m "$MESSAGE"


In order to run it, of course, you must either use sudo or have a shell owned by root because /var/log/secure.log is owned by root.

Polling x.org’s keyboard state

Recently I needed to write a script that changed its behavior when the shift-key was held down. After some research to find a pre-made (and command-line-friendly) solution, I gave up and decided to rip open xkbwatch and see how it does it. It turned out not to be so scary and so I extracted the meaningful bits of code from it and condensed it into a more general-purpose tool. Let me know if I overlooked a really easy or simple way of doing this.

** xkbdump.c
** Dumps the modifier keys onto the command line in a space-separated list.
#include <stdio.h>
#include <X11/Xlib.h>
#include <X11/XKBlib.h>

int main()
    Display *dpy = XOpenDisplay(0);
    XkbStateRec state; // I don't fully understand this structure. 
                       // I only know that it reports my modifier keys.
    XkbGetState(dpy, XkbUseCoreKbd, &state);

    int i;
    for (i = 0; i < (sizeof(state.mods) * 8); ++i)
        if ((1 << i) & state.mods)
            printf("%d ", (1 << i) & state.mods);
    return 0;

The use-case I had imagined was something like this.

#!/usr/bin/env bash

# ^ Inferred above just by running xkbdump with ctrl/shift held down

both_held=$(xkbdump | grep "\<$SHIFT_KEYCODE\>" | grep "\<$CTRL_KEYCODE\>");
shift_held=$(xkbdump | grep "\<$SHIFT_KEYCODE\>");
ctrl_held=$(xkbdump | grep "\<$CTRL_KEYCODE\>");

if [ "$both_held" ]; then echo "Both shift and control were held down";
elif [ "$shift_held" ]; then echo "Only shift was held down";
elif [ "$ctrl_held" ]; then echo "Only control was held down";
else echo "Neither shift nor control were held down";

One last note. In order to build this, you need to tell gcc where to link against X11. Build with a gcc command like this.

gcc xkbdump.c -o xkbdump -lX11


I am anal about readable code. I think about it a lot. How code is spaced, how different variables and functions are named, how the abstraction I’m using is reflected in the way the code actually appears. These are all very important to me.

Most people who know me also know that I am a believer that Perl is a great language for writing supremely unreadable code. It always sort of seemed like the use of confusing syntax was the accepted “best practice” form of doing anything in the language. It’s now clear to me that perl was designed to promote confusion as the norm, and to offer readability as an afterthought. (more…)

Fuck You Zibri

I strongly recommend against using Zibri’s ZiPhone in order to jailbreak your iPhone. His “Fix Wi-Fi Issue” feature does you the favor of changing your MAC address after setting the following environment variable:

setenv wifiaddr “00:5a:49:42:52:49″

Awesome. Thanks so much. I always wanted to be MAC-address twins with all my best iPhone buds. Now we get to share the one IP that our office router is content to give the two of us.

Fixing it

Fortunately, I found this link that worked to get things back in working order: http://www.hackint0sh.org/forum/showthread.php?t=36078. It’s not pretty. I don’t see why I needed to fuck with my baseband in order to undo this crap.


I hate you, Zibri.

Tactlessly Loud


I have a really big voice. It’s been that way since high school. While most wouldn’t say it’s harsh or abrasive, I never have any trouble being heard. In a crowd, on a busy street, or from the back of the lecture hall, I stand out. Clearly this has its advantages. My thoughts and opinions generally will be heard and acknowledged. I’m hard to ignore if I’m set on expressing myself. And like most things, there’s disadvantages. Since I’m never not heard, there’s no room for me to hold a “private” conversation with anyone in a public place unless I’m whispering conspicuously. I think that a consequence of growing up like this is that I tend to assume that everyone can always hear everything I say and so I should only say things that are okay to say around everybody. Sometimes I slip up and then everyone hears something awkward or inappropriate.


I’m working on the new-school testing engine for OkCupid. We’re seeing lots of traffic lately and an overhaul of our test system is overdue. I can’t give too much away, but the thing that we have in the works is very slick. Much respect to Chris Coyne’s work in laying the groundwork for it.


I think the solution to my storage/media problem is easier than I thought. It turns out that a software hack exists for the Apple TV “Take 2″ which involves making a bootable Patch Stick. The instructions look scary, but lots of people seem to be having luck with it, so I think it’s worth the risk. I’ve already bought a 1 Terabyte MyBook World drive with Ethernet and USB connectivity. It should arrive on Monday. Once I get the drive working like I want it, I’ll add an Apple TV to the mix and try to bring it all together. Updates to come.


  • I just bought CoverSutra and it rocks. I was baited by the free sample I got via MacHeist and the search menu was enough to sell me on the upgrade.
  • I’m working on an OS X Chinese – English dictionary called Cidian. It’s based on CEDICT, the same source used by MandarinTools.com. MarndarinTools.com is great, but its UI is pretty tiresome.
  • Much respect to my old co-worker Aston Motes and his friends at GetDropBox.com. They’re making headlines in some pretty visible places these days. I’ve seen them on the Digg homepage, TechCrunch, and even the venerable DaringFireball.net. Good to see startups with talented people get the attention they deserve.

The Unix-y Perspective

A short conversation between Julian and me.

(15:24:59) Eli: have you ever wished you could close IM tabs with ctrl+d ?
(15:25:11) Julian: not particularly, no
(15:26:23) Eli: it sort of makes sense, from a really unix-y perspective
(15:28:24) Eli: my way of letting the system know that I’m done talking to you is by sending you EOF
(15:29:22) Julian: I guess
(15:29:32) Eli: same for closing terminal windows
(15:29:39) Eli: and deep down, I do consider you a terminal window
(15:29:49) Julian: I can tell
(15:30:44) Eli: exec 2>&-
(15:30:53) Eli: that’s what I say to you when I get sick of your whining “errors”
(15:31:08) Julian: message received
(15:31:14) Eli: reboot
(15:31:20) Julian has signed off.
(15:31:39) Julian has signed on.

Apple TV 2.0

I have a scratch that I need itched. My roommate and I have a bit over 100 GB of music, I have a bit over 300 GB of Movies and TV Shows (in various formats), and I have tons of photos and images (National Geographic, NASA, Salvador Dali, etc) that I’d like to have available for enjoying in my living room. On top of that, I’d like to be able to review menus of local restaurants and have a file server available to everyone on our wireless network. Since Apple announced the Apple TV 2.0, I’ve dreamt that it’s the piece of technology to scratch that itch, but reviews I’ve read recently leave me unconvinced that it will do everything I want it to do. My concerns boil down to the following:

  • Re-encoding all of my movies/TV shows
  • Maxing out the Apple TV’s built-in storage and not being able to expand it easily
  • Resorting to physical hacks in order to get network services on it (SSH, Samba, AFP, etc)

I could spend a few hundred more dollars and get a Mac Mini, but then I don’t think I’ll be able to use the remote to rent movies very easily. At $299, it’s probably worth it for what it will bring to the table. If it can’t be easily hacked to take a larger hard drive, it might be worth it for me to get a beefier NAS (drobo, anyone?) device to live someplace where I don’t care about noise (my closet) and then sync stuff from that onto the Apple TV using my computer, though I’d rather avoid needing an intermediate computer for this. By far, the most worrisome part of the Apple TV is that it simply can’t (and won’t) be able to fit all of my media. For anyone else who’s been thinking along these lines also, here are some links to Apple TV 2.0 reviews that I’ve collected:

UPDATE [03/12/08]

Ars Technica has released their ‘Mano a Mano‘ shootout between the XBox 360 and the Apple TV. It’s a great review, but sadly doesn’t really leave me with a solution that I’m happy with. I’m still leaning towards the Apple TV, and some software hacks for it would be very welcomed. I’ll research more and post later about it.

Dating Criminals

Ars Technica ran an article this morning about a piece of New Jersey legislation requiring that dating sites inform users in NJ about the fact that criminal background checks are not required for membership. The Internet Dating Safety Act tells dating sites that they have to send big, bold, ugly disclaimers on every piece of email sent to an NJ user and show them on every NJ users’ profile. And, as an extra “gotcha” safety measure, sites that do perform criminal background checks would still need to post disclaimers saying that criminal background checks are, in fact, not infallible and that users should still be wary. There’s so many things wrong with this, I hardly know where to begin.

Geek Toys

G-DRIVEI put the Apple Store gift card my sister got me to good use and got myself a 500 GB G-DRIVE. It got delivered on Friday so I’ve been using it all weekend to offload my huge collection of movies and tv shows. I had also ordered a new 2GB of RAM from crucial.com, but UPS dropped the ball on that delivery pretty badly, adding days to my wait.


書法 is hard

My brother got me a chinese calligraphy (書法: shÅ« fÇŽ) set for my belated birthday. The look of excitement on my face when I got it was about as genuine as it gets. I’m a huge dork for things that are antique-classy.

Calligraphy Set

I did some reading online and in the book that came with the set and decided to get started. Last night I began the meditative process of ink grinding so that I could start getting into the zone. I can’t help but think it would have been a little more meditative had someone told me in advance how much (or little, rather) water I needed to use with the ink stone.

Figure 8

Hours later, I managed to get my ink to do this: 

Ink Improvement