Friday, 31 August 2012

SketchingUp my Crib

July
I've found a crib, where I will move soonish. Hence I decided to do some planning. My goal is to use the space as optional as possible, for my liking. First I did draw the apartment using Drawing in VXG Docs (same as Drawing for Google Docs).

FB2 first drawing, dimensions being completely off.

Realising that would not do the job I decided to take some measurements and try to model the apartment using a 3D tool. A nice way of learning some new software as well.

The measurements.



9th of August
Choosing a 3D software was easy. I installed Trimble SketchUp (formerly known as Google SketchUp). I had looked at this tool one time earlier, back in 2008. Realising that it could be a good idea checking out some tutorial videos I in stead starting modelling right away. Learning by doing, not reading nor watching.

The name change not being completed yet.

Architectural Design, that is me!

Spending one hour drawing up the floor in the right dimensions due to not having read the manual.

After having made the floor I found this handy article on how to use SketchUp for interior design. Learning by doing and reading; the new plan.

12th of August
After a weekend with brilliant weather I found my way to the PC Sunday night, and found out some nifty things to do with SketchUp.

The box that will become my crib. Not big, but big enough.

After some work the box turned into something that started looking like an apartment.

15th of August
Back to the "drawing board". Struggling using sketch up for exact measurements. Spent a lot of time just adjusting the walls as the model was slightly inaccurate.

I like it to be correct, all the way down to the millimetre.

29th of August
After a long period with too nice weather for SketchUp I was back at the computer, just to realise that I don't know enough for making a proper model of my crib. Hence I started watching some tutorial videos.

SketchUp for dummies, part 1.

30th of August
Saw part 1, part 2, part 3 and part 4, and did learn a lot. Got the motivation for getting back to crib drawing once more. Started all over again to get a new and tidy model.

Better, much better! This is what the place looks like at the moment, more or less.

31st of August
Got a hang of it after having seen the tutorials. Sat up late from Thursday till Friday night and kept drawing. Added my desk, projector screen, a cupboard and a murphy bed as well (several items from the 3D Warehouse). Partly blocking the balcony door I do have a solution. No sofa, but maybe I should get a tiny table for brekkie. We'll see.

The most important elements in place. What looks like secret"rooms will be two cupboards.

A big projector screen is a must. A good work desk with plenty of wall cabinets above as well.

The projector will be hidden in the cupboard. The bed is a murphy bed that can be stowed away.

The cabinet will hide a fridge and a projector. It will be fitted with shelves for other stuff , that I didn't bother drawing in this model.

The bathroom is as good as it gets, and will only be fitted with a slim washing machine. Dropped drawing all the other details. A "big" closet for clothes is planned as well.

Finally, now I do have a plan. It only remains to see if it will be followed. Hopefully I'm conveniently located in my new crib before Christmas (yeah, I keep postponing the move).

Thursday, 30 August 2012

The Perfect Candidate


The Perfect Candidate
"So, what you've got for me, Ben?" John asks as he enters the control room fully packed with monitors and computers. It is one of very few computer facilities in the world with only American military-grade silicon chips. The recent stories on a possible backdoor made by the Chinese did cause stress. John never completely trusts anything produced in China. Luckily the backdoor threat was quickly dismissed by their own guys, along with external security experts. He does not worry about anyone snooping around in their networks, as there should be no ways to break in.
Except for the light from the screens it is all dark. Three men are stationed in the room. All of them CIA SigInt agents. Each sitting in front of two huge computer screens. On the wall behind them there are even more screens, showing images, maps and data. The agent sitting at the middle desk turns around.
"Sir. I'm sure we have found our candidate. Male, 38 years old, works at the control centre of the plant as a guard. Security cleared and with access to several of the server rooms."
"Likely to be persuaded?"
"Very likely, Sir. He is the perfect candidate."
Ben pulls up a video on one of his screens and starts it. It shows two men having sex with each other.
"The one on his knees and elbows is our man, we call him 'Mr Shaggy'." Ben says.
"Wonderful! I guess he will not like having this video shared with friends, family, mullahs and what have you got down in that God forsaken country."
Ben turns the video off.
"Guess not, and we have plenty of footage. That idiot has a clear view from his computer on his desk to his bed. We've been recording from the integrated laptop camera for hours. He never closes the lid. And that is not all. Mr Shaggy is using proxy servers for accessing restricted social media sites outside the country. He even has a Facebook and a Twitter account."
"A gay Muslim bypassing the Iranian government. I see a few pressure points here. Almost too good to be true."
"I know. We have followed him for two months. Next to recording everything from the mic and camera on his machine we have been logging every single keystroke he has made. We have all his passwords. By taking screenshots of his computer we see what he sees. By logging all his Internet traffic we knows what he is doing online. We have access to all his accounts. We know who his friends and family are. We've gone through it all, and Mr Shaggy is our perfect candidate to plant Stuxnet at the nuclear facility."
"Well done. Flame has once more proven efficient. When are we ready to initiate?"
"As soon as you say 'go', we'll jump, Sir. Our own guy is conveniently located in Bushehr, ready to pay Mr Shaggy a visit. He will convince him, gently of course, and give him the USB thumb drive along with the instructions to load the virus onto their servers at the nuclear power plant."
"GO!"
"Yes, Sir! Let's hope this guy accepts our offer. It's the last plant to be infected. And it takes time finding a new candidate."
"I'm sure Mr Shaggy will dance along just fine. And when he is done dancing you know what to do with him."
"Of course, Sir."


Epilogue
This story is made out of facts mixed with fiction. Nothing is science fiction though. The technology mentioned here is real and was created a long time ago. The Iranian nuclear plants were infected by Stuxnet, and Flame was created for espionage purposes. The malware, or viruses, are the most advanced viruses ever discovered, and has been spread around the world. Several security experts has stated there are links connecting these malicious programs to either USA or Israel, or both countries. Links has been added to this story for the reader to be able to research the key subjects of his or hers interest. And more related news about similar cases comes up all the time. Trust no one - they are tracking you!

Wednesday, 29 August 2012

SRM x 100

Race #35 2012 - 3.258km - 12.19 - Wednesday 26th of July


Sognsvann Rundt Medsols (SRM) quickly became an addiction to me, and it was my introduction to racing. It is because of SRM that I started my running "career". Before I only went for a slow jog now and then.

My 2008 times.

It all started back in October 2008. After the "race barrier" was broken with the first race I did another one, and another one, and another one. SRM #225 was very special. It is the only SRM race, as far as I know, where it has been snowing while running. The snow and the torches along the track was magical. Through the winter, after the SRM season 2008 had ended, I thought of this special race all the time. I was eager to get started once more, and when the spring came I was back at the lake. Since race 223 on the 15th of October there has just been a few times where I have not raced. The only three reasons for me not racing has been:
1) Due to participating in other races.
2) Due to being (very) sick.
3) Due to being away on holidays (I try to avoid this though : read more here and here).

The sun is shining - SRM on the 23th May 2012 (photo by Stian S Møller).

Since I've participated 100 times from race 223 till this week's race, which is 337 in the number, it means there has only been 15 (337-223+1 = 115) times in about three and a half years that I've not ran around the lake during the SRM season (the season is from the beginning of April till end of October).

I haven't been running that fast lately. It's about one year since last time I did set a PB around the lake, but maybe one day I will set a new one. Only time will show what times that will show up. All SRM results can be found here.

SRM PBs.


SRM #337


SRM Hangout On Air #2 - live from this page every Wednesday at 10pm CET.

And last but not least, celebration!

Tuesday, 28 August 2012

Crap

Crap [krap]
Part of Speech: noun
Definition: nonsense
Synonyms: baloney, bunk, bunkum, claptrap, drivel,
          foolishness, hogwash, idiocy, ludicrousness,
          poppycock, ridiculousness, rigmarole, tomfoolery,
          twaddle
ref : thesaurus.com

10 x 400m on a crap day.

Crap is a word that can be used describing today's 10 x 400m session. I did all the intervals in between 71 and 78 seconds. Horrible slow (back in May I did 10 below 70 seconds!). The worst thing was that I almost threw up afterwards. I felt like crap. I'm seriously struggling at the moment. I'm not in shape at all, and I find it hard pushing myself. For each session I'm only getting slower. The weather today was crap as well though. Despite being 28th of August it felt like 28th of October. Windy, rain pouring down, cold. Not very pleasant. I miss summer already.

Crap times! (src: identi.ca)

On the weekend I was considering quitting track sessions for good. Get back to slower and longer type of running and having it more pleasant. I still feel drained from the session before the summer. I find it sickening just thinking of pushing myself that hard ever again. If I want to make progress I'll have to though. Crap!

Two comments that I got the other day. One was nice to hear. (src: twitter)

Weekend plans
There are several races this coming weekend, like Nordmarkstraveren (2011 report), Kodalmila (2011 report) and Skiløpet. I haven't signed up for any. I actually haven't done much racing at all lately. I admit it, I've lost some of my motivation. This Saturday I should put on my runners and do a race. But the couch can once more get too tempting.

Stride
Nothing new though, but my stride and running technique is very far from perfect. Last week Mr V did some slowmo recording of me running. It's easy for Mr Jean to find a "few" things that should be improved. Below is the video analysis.

My knee is not high enough. My arm should be further back.

I'm "throwing" my leg in front of me, wasting energy and speed.

Same thing here, my knee should go higher.

As a result of throwing my leg in front of me I'm losing pace when landing.

Mr Bolt being the reference. High knee, good arms. (ref: somaxsports.com)

No "leg throwing" by these guys. This is how it should be done. (src: nbcolympics.com)


The Muscle Factory
Rounding off with a shot of Mr VV from the muscle factory (I still haven't been thrown out of there):

Sunday, 26 August 2012

Added Security part 2


Mat Honan
Many might have already heard about the Mat Honan case by now. If not you should read this story and this story. Those posts contain a lot of important information on what to do, and what not to do, when living in this online world. In brief Mat Honan was hacked through social engineering. The hackers got access to all Honan's important accounts (Amazon, Apple, Google and Twitter) and deleted most of his data by wiping his iPhone, iPad and laptop.


Password Security
The only practical way of using safe passwords for accounts online is by using a password management system. Personally I've gone with LastPass, and I have not regretted. However there are alternatives.


Millions of passwords has been lost lately, due to poor security at major Internet companies. LinkedIn lost about 6.5 million passwords, Last.fm lost their passwords (read more about these two cases at this page). Gamingo lost 11 million passwords (read more). Yahoo lost 400.000 passwords (read more). And the list do not stop there. The amounts of passwords that has become publicly available lately is massive. This has led to hackers, and others, having a great knowledge about what passwords people are using. For more info about that read this blog post.

To cut it short, rule number one of having a safe password is by using a long (preferable 20 to 30 characters) password generated by a password generating tool, like the one in lastpass. An example of a good password, generated by this tool, is:
vUa$L4tJ$*Ow^eRdOveBAweUFx#2RU
Please do not use passwords like "monkey", "love", "ninja" or what have you got (some list of commonly used passwords can be found here, here and here).

The password generator in LastPass

Rule number two is to never reuse the same password across different sites. Because you just can not know how sites are storing your passwords (many big sites store passwords as plain text) nor what type of security different sites has.

To follow rule one and two you do need a password managing tool for helping you out. If you are using LastPass you should properly secure your LastPass account. You do not want your LastPass account hacked, hence you should read this post and this post. Do use two factor authentication for LastPass and consider using restricted login from selected countries.

Using Google Authenticator is very wise.

Restricting logins from certain countries improves security.

LastPass Security Challenge
If on LastPass do take the security challenge to:

  • Analyzes data you have stored in your LastPass Vault
  • Tells you how secure you are by giving you a score from 0 to 100
  • Tells you how you can increase your security
  • Compares your score against all other LastPass Security Challenge participants


The result of the challenge will show you how to improve your security online. Like pointing out your insecure passwords, where you use the same password across sites and so on.







Browser improvements
Browser Lock extension
If running Chrome there is an extension that you can use to secure yourself at the office. The extension provides a way to lock down the browser, to prevent others with messing with your open accounts. This extension is far from bullet proof, as it can be forced removed. However it can save you from a few pranks by co-workers. Check out the Browser Lock extension.




Securing Facebook
I'm very far from a huge fan of Facebook, however I do have an account and I want to keep that safe. The following tweaks will improve your Facbook account security. You should consider doing the same with your account.

Log into Facebook and chose "Account settings" > "Security", then:

Enable "Login Notification".

Enable "Login Approvals".

Possible to install code generator on your phone.

A more secure Facebook account.

List of recognised devices.



Tor Project
If you want to surf online without leaving any traces you should check out the Tor Project (wiki page, and Tor Browser- What is it, How Does it Work, and How Does it Relate to Using a VPN?). Next to using DNSCrypt (mentioned here) your online activity is getting quite hard to track when using Tor.

Tor: The Onion Router

Information about Tor (about page):
Anonymity Online. Protect your privacy. Defend yourself against network surveillance and traffic analysis.


Inception
Tor was originally designed, implemented, and deployed as a third-generation onion routing project of the U.S. Naval Research Laboratory. It was originally developed with the U.S. Navy in mind, for the primary purpose of protecting government communications. Today, it is used every day for a wide variety of purposes by normal people, the military, journalists, law enforcement officers, activists, and many others.

Overview
Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. Tor provides the foundation for a range of applications that allow organizations and individuals to share information over public networks without compromising their privacy.


Super simple setup.

Connected in no time.

Surf  anonymously using the TorBrowser (a bundled version of Firefox preconfigured to use Tor) to stay safe.

Appearance in log files.


Encryption
Duplicati was mentioned in my previous security post. Bellow is another highly regarded security tool for encryption worth mentioning.

TrueCrypt
TrueCrypt is a free open-source disk encryption software for Windows 7/Vista/XP, Mac OS X, and Linux.



Main Features:

  • Creates a virtual encrypted disk within a file and mounts it as a real disk. 
  • Encrypts an entire partition or storage device such as USB flash drive or hard drive.
  • Encrypts a partition or drive where Windows is installed (pre-boot authentication).
  • Encryption is automatic, real-time (on-the-fly) and transparent.
  • Parallelization and pipelining allow data to be read and written as fast as if the drive was not encrypted.
  • Encryption can be hardware-accelerated on modern processors.
  • Provides plausible deniability, in case an adversary forces you to reveal the password: - Hidden volume (steganography) and hidden operating system.






The Right Way
I'm summarising this security post with an interesting read about insane password restrictions. Do check out the article at defuse.ca, where you can read about "the right way to store passwords".

Important keywords are hashing and salting.