Tuesday, December 21, 2010

ssh key validation

Well, the vacation wasn't as long as I feared. It looks like its back, albeit not full force, but I do feel like writing code again. I guess I just needed to take a break.

At work I support an e-commerce system for a major, world-wide bank. When clients are renewing their keys (SSH, PGP, SSL), they must meet certain criteria in order to be accepted and put into the clients setup(s).

One of the more recent criteria changes is the requirement that all keys be of length 2048 or greater. That's easy to verify with SSL and PGP keys, but what about SSH? The group that is verifying the keys does not have access to a system where openssl is installed and thus, is at a loss for SSH key validation. That is where my development bug kicked in again. I quickly whipped up a Perl script that validates the length of the ssh keys and tells them if they are acceptable or not.

After talking with my boss about how to get it to the group that does the official verifications, it was decided that he would try to get funding for a project (internally) to put it up on our intranet so the group can readily access and us it. Quite exciting for me really as I have not had any of my code hosted like that internally at this company and I am loving the idea.

I am just glad that I could so quickly produce a tool for my group to use for the verifications in the mean time. Happy Holidays, everyone!

Thursday, December 02, 2010

Have you seen my development bug?

I know, it sounds like a strange title for a blog post, but believe it or not its a bit true. I seem to have misplaced and/or lost my development bug. The yearning and wanting to just sit down and code seems to have departed my psyche, leaving me with not much of an inkling at all to write code, let alone think about writing it.

Its really strange because only a year ago I remember sitting her all gungho, writing bits of code and having a blast, yet now, I just don't want to. I have seen plenty of people lose the geek bugs for whatever it was they were good at and even changed careers completely. I could never understand HOW that could happen, but I guess you never do until it happens to you.

I am sure its not forever. I tend to spend a lot of time in front of the computer, sometimes verging on an inordinate amount at times, especially when work calls and I am also working on a coding project. Please don't get the idea that I have lost all my geekiness, its not so. It is just the bug that made me want to code that has taken a vacation.

Also, don't think that this means you cannot ping me with geeky questions, as that is also not true. I am still quite open to helping people out. Yes, this even means if its coding related. Just because the coding bug has left the body for a short time doesn't mean I am incapable. I am more than happy to still help those in need of assistance.

I will still be posting here, and the posts will still be geeky, but it may be a short time before you see anything with code in it. Maybe it I will surprise now and then, but who knows. I do ask that you don't desert me just because I am taking a sabbatical from coding.

To give you a gift, here is an pretty good beginner tutorial on Perl. Not too bad really. Enjoy!

Tuesday, September 21, 2010

Let's go find some Private keys

I love it when people use a technology without thinking first. I deal with security software like PGP all day at my job and its ins and outs have become pretty routine for me. One of the first things you do after installing PGP is to create your public/private key pair. Once that is done, you can export your public key and share it with whomever you need to.

Your public key is just that, "PUBLIC". Which means it is fine to share it with the world. But your other key in the pair is your "PRIVATE" key. This keys should NEVER leave your system. It is typically protected with a password and is for your eyes only.

What I love is how many people don't think of this or even read up on the best practices before putting their keys out there.

If you do a search on the internet for the following: "BEGIN PGP PRIVATE KEY BLOCK filetype:asc" (without the double quotes around it), you will find a plethora of completely unsuspecting people and organizations that have no idea that their private key is out there for the world to download and abuse.

My suggestion to all of you is to create a new key pair and then export your public key, WITHOUT your private key. Because you shared it already, it is now compromised and you cannot ensure the nobody brute force hacked your password.

Thursday, September 09, 2010

So long use.perl.org

In an unexpected post this morning, it looks like use.perl.org is shutting down. I am not sure how many of you reference or read use.perl, but I was an avid peruser of the site. There were always interesting posts to read up there.

You will be missed use.perl, but hopefully you will return once pudge has a job and can find suitable hosting, the site will return. Until then it will be missed.

Friday, August 20, 2010

Refocusing after having time to think

The past year and a half has been a bit tumultuous to say the least. I say that because its very true. During the events of the last couple of weeks I have had a fair amount of time to think about some things and I have to say that clarity is an interesting thing.

I am not going to recap the events of last year as they can be read about in past posts. The past is the past and there is no use dwelling on things that cannot be changed, as continued venting will not be productive.

During my stint of recent thinking sessions, it occurred to me that its been quite a while since I have done any serious coding. Sure I have done a bit of scripting and one offs, but that doesn't exactly keep one's skills up where they should be.

Once I became re-employed last October at the company that I resigned from in 2007 (to be a developer), I stopped doing most coding and development in order to concentrate on my new job. When I left I was an SME (Subject Matter Expert) on the platform that I was heading the Implementations team on. My return to the company last year has me now supporting that same platform. In the time since I left they have done some reworking and changes to the platform and I needed to concentrate on picking up the little intricacies so that I can efficiently do my job to my fullest capacity. I am quite happy in this job and love what I am doing so I really needed to apply my time wisely and get back up to speed. I am sure you can understand that.

Don't get me wrong though. While I am not a developer for my day job, I still have a love for coding as a whole and love learning new languages and techniques. Becoming a better, more skilled coder is still a part of me and I want to get back to doing it.

See, while I was job hunting last year for almost 7 1/2 months, I realized that being a full time developer with my couple of languages just was not enough. Employers these days want a developer that is extremely efficient in several popular languages, which is something I did/do not have. I knew Perl quite well, at a high Intermediate/very low Advanced level, had a brief realization of PHP (which is to say I trouble shot a couple of minor things) and an advanced knowledge of Bash/Ksh scripting in a Unix environment.

Because of the above fact I resolved that being a full time developer just wasn't in my cards. Instead I am going to continue being a developer, but on the side where I can work my own hours and at my own pace. I don't really consider it settling as I absolutely love what I do for my day job. I love it and the company so much that I plan on retiring from this company.

I have become addicted to this beautiful site called Reddit. I have a need to go through the newly posted articles in the topics I subscribe to, on a daily basis. I have found almost as much through it as I have through StumbleUpon (Another addiction of mine).

In reading Reddit yesterday I found a newly posted article called, "How To Become A JavaScript Badass". I had made a list of the languages that I am highly interested in learning and JavaScript is up there on the list (with jQuery and Ajax), so this article truly peaked my interest.

The article started strong, going quickly into the tips the author had on how to go about becoming the JavaScript Badass the author mentioned in the title. But as I kept reading it was as if the author veered slightly off the JavaScript specific path and ventured down a path of tips that are meant to guide one into bettering themselves as a developer in general. It was almost as if it was a mantra. That article left me empowered and driven and I cannot thank the author enough.

After reading it (three times now) I have started to get myself together and more on a straight path toward learning the languages I want to and becoming an even better developer than I was before. Its like a much needed pep talk and I really recommend that developers read it. Granted its not the be all, end all, but its truly inspiring in my opinion.

Thursday, August 19, 2010

Privacy or no privacy.... its your choice believe it or not.

Today Facebook has released its newest feature, Facebook Places. This is quite similar to FourSquare, if you have ever used that service. The idea is that when you are out and about, you "check in" at the location where you are. There are locations for millions of places and if you can't find it, you add it and check in. You can earn badges for checking in so many times and for many other things. Its just another way to be social on the net.

Facebook's newest feature is quite like that except it is integrated into the whole of Facebook itself. In other words, when you check in, your friends will all know. As with anything that Facebook does though, the privacy 'activists' that are out there are already screaming about this add-on because, as stated in the Facebook blog posting on the topic, "Your friends will be able to share your check-ins with the applications they use to help create new social experiences with location."

Now, for all of you who are privacy concerned out there, here is what the above article states if you don't like your friends sharing your location information: "If you don't want to share your check-ins with your friends' applications, just uncheck the new box in your Privacy Settings under 'Applications and Websites.'"

Yes, Facebook has had just a few issues with privacy concerns in the past and some of them, especially in the beginning, were completely justified. But they implemented it so that each user is responsible for the information that gets shared. You can control this under your Privacy Settings in your Facebook account. The rule of thumb that everyone should remember though is, "If you don't want it known, don't put it out there!". Remember, putting it on the Internet once means it lives forever.

I remember an article from a couple months ago stating that if you went to a link in your front page called "Phonebook", that it would list all of the phone numbers for all of your friends that it could find them for. This was raised as a "huge privacy issue" by the activists and articles were written. I am not defending Facebook, but those numbers were pulled from the profile "Info" page for each of your friends. If they provided it, then it was displayed. Facebook was simply using readily availble info to show you your friends phone info. I heard it worked on all users, but didn't investigate that far. I notice now though that the link is gone from Facebook. This again goes to "Don't share it if you don't want it known".

People have to be wary of what they share on the net. Unfortunately, too many people aren't. I am quite skeptical and generally thoroughly investigate what I am entering and why and how it will be used before giving it. You have too. There are too many unscrupulous people out there.

Ok, off my soap box for now. Go forth and be "social", but be careful with your information. Its yours and is your sole responsibility if it gets out because YOU provided it.

Thursday, July 08, 2010

Using Python to Leech Files From an FTP Server

My friend Chris from MotomaSTYLE just helped me with a bit of Python scripting that I was working on. I have been really hitting the books on Python and have been LOVING it! Chris is really making the process a bit less painful when I hit a road block and I really appreciate that.

Here is a link to the article that he posted, including the code that was produced in the end.

Thanks Chris! You ROCK!

Thursday, June 24, 2010

My Geek Code

As you can see from the right side of my profile, I have a Perl Geek Code defined.  Well, I stumbled across the Geek Code itself and generated my code.  Here it is:

-----BEGIN GEEK CODE BLOCK-----
Version: 3.1
GCS/IT d-- s+:+ a C++++$ U++++$ P+++$ L+++$ !E--- W++$ N !o-- K- w--- !O !M- !V-- PS+? PE? Y PGP+$ t+ !5-- X R++* tv++ b++ DI+ D+ G e h---- r+++ y+++
------END GEEK CODE BLOCK------

Friday, April 30, 2010

Project Update - The Re-Learning speed bumps

It amazes me how you can stop doing something for a while ( like the web design side of the house ) and you can really forget how things work.  I have been working on getting a navigation menu working for the project at work and it took me a good couple of days to figure nut how to get CSS horizontal drop dad written wasn't.  own menus working.  I was scratching my head till I decided to take a step back, do some reading and then examine what I had done thus far.

I had to start by taking an example menu and get its code working.  Then, modified it for the options I needed and voila, working menu.  Then, I had to plug it in to the site, where it needed to be and make sure that it was where the other menu was.  That was a bit easier.

Once the menu was working, I compared it to my original code and I then saw the structure and quickly figured out what I was missing and why the code I had written wasn't working at all.  I just sat there, shaking my head in wonder at what I had forgotten and what I was slowly remembering.

So, onward I push.  The next step is to get the search page for the client database, designed, and setup so that I can then code the validation for the entered data and the processing to pull data from the database.  I think the only part at this point that I need to figure out is, if I pull information from the database and there are more than one clients returned, how can I have a list presented and then display the page for the chosen client.  This is all a new realm to me, so I am venturing into it with an open mind and a willingness to learn.

Sunday, April 18, 2010

Project Update

Well, I have been working on the project actively for a few days now and unfortunately, I am not as far as I would have loved to have been.   My experience working with Perl DBI is not extensive, and is limited to the job that I got laid off from last year.  What makes that experience a bit lessened is the fact that the DBI code was already written and all I had to do was extend what was already existing.

So, I have these spreadsheets, one in particular which is rather large, containing almost 2000 lines.  Each line is the information that we have for a customer/client.   I created a database, created a table in the database, and had written some code to parse out the data from its csv file format (which I exported from the Excel format it was originally in.

The problem that I ran into was that the prepare() statement kept throwing an error.  So, I posted my question up on to the Bytes.com in my Perl forum in hopes of getting some help, and I got it.  One of the experts in the forum was able to throw a couple of ideas my way.  RonB was able to throw a couple of ideas my way to get the data initially loaded.

I took a look at what he provided for ideas and decided to do the initial load via the MySQL interface.  Doing the load the following way, I specified the file to use to get the data from, the field delimiter (which is a : when I exported the Excel data to csv) and the fields that I needed populated, in the order that the data was presented.   I needed to specify the fields because the 1st column of data is a unique ID that is auto incremented.  Here is the command that I used:

mysql> LOAD DATA INFILE  "/path/to/file.csv" INTO TABLE client_info FIELDS TERMINATED BY ':' (PartnerName,CorporationName,ContactGivenName,ContactPhone,ContactEmailID,CommunicationProtocol,SecurityType,ECID,Source,GEID,GEMatchType,CrossoverWithGTI,ECIDv1,CustomerName,UltimateECID,UltimateName,CostCenter,DomicileRegion,SalesRegion,SalesHead,SalesManager,TMO1SID,TMO1Name,TMO2SID,TMO2Name,BankerSID,BankerName,CSOMgrSID,CSOMgrName,CSOSID,CSOName,CSPSID,CSPName,LOB,SubLOB,Segment,Market,Industry,ClientType,ClientStatus);

This actually seemed to work quite well.  See, the script I was working with had a big issue with special characters.  Some names contained an apostrophe, names were entered into the original spreadsheet in the format of  "last, first middle", which caused an issue when I originally used a comma as the delimeter.  The LOAD DATA command in mysql is quite useful, I must say and offers other options for specifying the format of the data.  I recommend checking it out.

Now, I have to worry about the interface that we are going to use for accessing the data.  I plan on designing it first, so that it is built and operational, then I will worry about things like a login interface and sessions.

I also still need to work on a Perl script to load data from a spreadsheet in the case of updates.  Our client base is about to grow astronomically over this year and this needs to be in place soon.  The update script will need to compare against the db for duplicates and only load the new entries.  So, that should be interesting.

I sooooooo have a lot of work ahead of me, but must say that its nice to have a project to work on that I know is going to be actively used by others.

Monday, April 12, 2010

Catching up.... and a link

As any code monkey and/or geek can tell you, work can certainly cause you to not have time for much else.  Having gone back to the company I was at almost 3 years ago (which I love working for, but had to leave to realize that), I find that I am incredibly busy, but its a good thing.

When I was here before, I was doing client implementations work.   I was one of the two original members of the team who ended up staying around the longest and became the expert on the system and the solutions we provided.  When I came back this past October (after 7 1/2 months unemployed), I came back on the other side of the wall and am now doing Production support for the platform I was implementing on before.  

Don't get me wrong, things have changed a fair amount (while some things remained the same or had gotten worse).  To say that I really like my new position would be a complete understatement.... I LOVE IT!!!  It is always amazing to be able to walk into a job and already know the platform (for the most part).  I just had to learn the intricacies of how my new group works.  

Recently, after having a talk with my boss, it was determined that we needed a database of our own with a web interface to it so that we can all access it, and our boss can run his metrics. Far too often do we have to look in a plethora of different databases and sites to try and find all the information that we need. Then, even when we do find it, it is not always easy to get that information in one general place where it can be referenced again later.  This project will change that.  It will be one place where we can put all the information we gather and have, so that we can reference it and even update it as needed.  

That said, the project that I mentioned back in my last post has been modified to be this project.  So far, I have gotten a second machine out of it (nice quad processing machine with 4 gig ram and a third flat screen monitor for my desk.  (the first two are attached to my dock for my laptop).  I have the machine installed with Ubuntu and configured with Amache2, MySQL, Subversion, and Bugzilla.  

The initial data that will be populated into the database table(s) is coming from a couple of spreadsheets that I was sent.  I am right now writing some Perl code to not only parse the Excel spreadsheets (that wasn't too aweful to do, especially using the Spreadsheet::ParseExcel module), but also populate it into the table(s).   I am being careful about this code because I want to be able to use it to produce a script for periodic updates.  It will need to check for data already existing so as not to duplicate entries.

Ok, the link I promised.  I stumbled across this earlier tonight.  Its an interesting page where you can look up functions for PHP and JavaScript.  It is quite the language reference.  It even has a reference for CSS and MySQL.  So far, I am really glad to have found it.

Thursday, January 21, 2010

New Project in the works

I have been at my new (old) job for a little over 3 months now, but that is more than enough time for me to see that there is A LOT that goes on every day. That platform that we primarily support is constantly having to be worked on due to bugs or issues that we find. Its like every week we are finding something else that is not right or is just plain wrong, or we are adding instances of an existing but, providing more proof of the bug itself.

Unfortunately, other than the notes that my team keeps in their spiral bound notebooks, we do not currently have any way to track the reports that we make and the bug tickets that get opened.

I have been researching the many (and I mean MANY) issue / bug tracking systems that are out there as a possible way for us to make entries and track each one, and also have the ability for our manager to run a report against it and get his own excel/csv spreadsheet for his weekly meetings.

Unfortunately, I have not been able to find any system that meets my exact needs. One of the most important requirements, being that I do not own the box where my site is hosted, is that it be wicked easy to install. It can require Perl modules or such, but I do not have root access and I have seen a few systems that require it.

The reporting piece is also an extremely important piece. Most of the systems that have reporting produce things like graphs and charts, but do not produce spreadsheets or csv files. The one that I did find is a Windows based system and I am working on Linux systems.

So, I am at the moment working on a full list of requirements and features that need to be implemented into this new system. This will certainly be one of the biggest projects I have ever worked on if it takes off as I expect. Of course, it will also be a lot of fun to boot.
 
Creative Commons License
This work is licensed under a Creative Commons Attribution 3.0 License.